Executive Summary

Informations
Name CVE-2012-3981 First vendor Publication 2012-09-04
Vendor Cve Last vendor Modification 2017-08-29

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Cvss Base Score 5 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Auth/Verify/LDAP.pm in Bugzilla 2.x and 3.x before 3.6.11, 3.7.x and 4.0.x before 4.0.8, 4.1.x and 4.2.x before 4.2.3, and 4.3.x before 4.3.3 does not restrict the characters in a username, which might allow remote attackers to inject data into an LDAP directory via a crafted login attempt.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3981

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-255 Credentials Management

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 168

OpenVAS Exploits

Date Description
2012-11-26 Name : Fedora Update for bugzilla FEDORA-2012-18210
File : nvt/gb_fedora_2012_18210_bugzilla_fc17.nasl
2012-11-26 Name : Fedora Update for bugzilla FEDORA-2012-18224
File : nvt/gb_fedora_2012_18224_bugzilla_fc16.nasl
2012-09-11 Name : Bugzilla LDAP Code Injection And Security Bypass Vulnerabilities
File : nvt/gb_bugzilla_code_injection_n_sec_bypass_vulns.nasl
2012-09-11 Name : Fedora Update for bugzilla FEDORA-2012-13163
File : nvt/gb_fedora_2012_13163_bugzilla_fc17.nasl
2012-09-11 Name : Fedora Update for bugzilla FEDORA-2012-13171
File : nvt/gb_fedora_2012_13171_bugzilla_fc16.nasl
2012-09-07 Name : FreeBSD Ports: bugzilla
File : nvt/freebsd_bugzilla19.nasl

Nessus® Vulnerability Scanner

Date Description
2013-04-20 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-066.nasl - Type : ACT_GATHER_INFO
2012-09-18 Name : The remote Fedora host is missing a security update.
File : fedora_2012-13162.nasl - Type : ACT_GATHER_INFO
2012-09-13 Name : The remote web server contains a CGI application that suffers from multiple v...
File : bugzilla_3_6_11.nasl - Type : ACT_GATHER_INFO
2012-09-11 Name : The remote Fedora host is missing a security update.
File : fedora_2012-13163.nasl - Type : ACT_GATHER_INFO
2012-09-11 Name : The remote Fedora host is missing a security update.
File : fedora_2012-13171.nasl - Type : ACT_GATHER_INFO
2012-09-04 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_6ad18fe5f46911e1920d20cf30e32f6d.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
CONFIRM http://www.bugzilla.org/security/3.6.10/
https://bugzilla.mozilla.org/show_bug.cgi?id=785470
MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2013:066
MISC https://bugzilla.mozilla.org/show_bug.cgi?id=785112
OSVDB http://osvdb.org/85072
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/78193

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
Date Informations
2021-05-04 12:21:26
  • Multiple Updates
2021-04-22 01:25:34
  • Multiple Updates
2020-05-23 00:34:27
  • Multiple Updates
2017-08-29 09:23:59
  • Multiple Updates
2016-06-28 22:01:00
  • Multiple Updates
2014-02-17 11:12:39
  • Multiple Updates
2013-12-13 13:19:02
  • Multiple Updates
2013-05-10 22:44:31
  • Multiple Updates
2013-03-26 13:18:40
  • Multiple Updates