oval:org.mitre.oval:def:14859

Definition Id: oval:org.mitre.oval:def:14859
 
Oval ID: oval:org.mitre.oval:def:14859
Title: DSA-2322-1 bugzilla -- several
Description: Several vulnerabilities were discovered in Bugzilla, a web-based bug tracking system. CVE-2010-4572 By inserting particular strings into certain URLs, it was possible to inject both headers and content to any browser. CVE-2010-4567, CVE-2011-0048 Bugzilla has a "URL" field that can contain several types of URL, including "javascript:" and "data:" URLs. However, it does not make "javascript:" and "data:" URLs into clickable links, to protect against cross-site scripting attacks or other attacks. It was possible to bypass this protection by adding spaces into the URL in places that Bugzilla did not expect them. Also, "javascript:" and "data:" links were *always* shown as clickable to logged-out users. CVE-2010-4568 It was possible for a user to gain unauthorised access to any Bugzilla account in a very short amount of time. CVE-2011-0046 Various pages were vulnerable to Cross-Site Request Forgery attacks. Most of these issues are not as serious as previous CSRF vulnerabilities. CVE-2011-2978 When a user changes his email address, Bugzilla trusts a user-modifiable field for obtaining the current e-mail address to send a confirmation message to. If an attacker has access to the session of another user , the attacker could alter this field to cause the email-change notification to go to their own address. This means that the user would not be notified that his account had its email address changed by the attacker. CVE-2011-2381 For flagmails only, attachment descriptions with a newline in them could lead to the injection of crafted headers in email notifications when an attachment flag is edited. CVE-2011-2379 Bugzilla uses an alternate host for attachments when viewing them in raw format to prevent cross-site scripting attacks. This alternate host is now also used when viewing patches in "Raw Unified" mode because Internet Explorer 8 and older, and Safari before 5.0.6 do content sniffing, which could lead to the execution of malicious code. CVE-2011-2380 CVE-201-2979 Normally, a group name is confidential and is only visible to members of the group, and to non-members if the group is used in bugs. By crafting the URL when creating or editing a bug, it was possible to guess if a group existed or not, even for groups which weren't used in bugs and so which were supposed to remain confidential.
Family: unix Class: patch
Reference(s): DSA-2322-1
CVE-2010-4567
CVE-2010-4568
CVE-2010-4572
CVE-2011-0046
CVE-2011-0048
CVE-2011-2379
CVE-2011-2380
CVE-2011-2381
CVE-2011-2978
CVE-2011-2979
 Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
 Product(s): bugzilla
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12959
 
Oval ID: oval:org.mitre.oval:def:12959
Title: Debian 6.0 is installed
Description: Debian 6.0 (squeeze) is installed
Family: unix Class: inventory
Reference(s): cpe:/o:debian:debian:6.0
 Version: 6
Platform(s): Debian 6.0
 Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:14859
Definition Id: oval:org.mitre.oval:def:24698
 
Oval ID: oval:org.mitre.oval:def:24698
Title: Debian GNU/kFreeBSD is installed
Description: Debian GNU/kFreeBSD is installed
Family: unix Class: inventory
Reference(s): cpe:/o:debian:debian_gnu/kfreebsd
 Version: 3
Platform(s): Debian GNU/kFreeBSD
 Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:14859
Definition Id: oval:org.mitre.oval:def:24894
 
Oval ID: oval:org.mitre.oval:def:24894
Title: Debian GNU/Linux is installed
Description: Debian GNU/Linux is installed
Family: unix Class: inventory
Reference(s): cpe:/o:debian:debian_gnu/linux
 Version: 3
Platform(s): Debian GNU/Linux
 Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:14859