Lucene search
HistoryOct 03, 2022 - 4:23 p.m.
CVE-2009-3125
cve-2009-3125
sql injection
bugzilla
webservice
vulnerability
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
48.5%
SQL injection vulnerability in the Bug.search WebService function in Bugzilla 3.3.2 through 3.4.1, and 3.5, allows remote attackers to execute arbitrary SQL commands via unspecified parameters.
Affected configurations
Node
mozillabugzillaMatch3.3.2
ORmozillabugzillaMatch3.3.3
ORmozillabugzillaMatch3.3.4
ORmozillabugzillaMatch3.4
ORmozillabugzillaMatch3.4.1
ORmozillabugzillaMatch3.5
Related
cvelist
cvelist
CVE-2009-3125
2022-10-03 16:23:55
nvd
nvd
CVE-2009-3125
2009-09-15 22:30:00
openvas
openvas
Fedora Core 11 FEDORA-2009-9554 (bugzilla)
2009-09-21 00:00:00
ubuntucve
ubuntucve
CVE-2009-3125
2009-09-15 00:00:00
prion
prion
Sql injection
2009-09-15 22:30:00
seebug
seebug
Mozilla Bugzilla Bug.create()和Bug.search()函数SQL注入漏洞
2009-09-16 00:00:00
nessus
nessus
Fedora 11 : bugzilla-3.2.5-1.fc11 (2009-9554)
2009-09-21 00:00:00
Fedora 10 : bugzilla-3.2.5-1.fc10 (2009-9550)
2009-09-21 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: bugzilla-3.2.5-1.fc11
2009-09-19 00:06:52
[SECURITY] Fedora 10 Update: bugzilla-3.2.5-1.fc10
2009-09-19 00:11:57
[SECURITY] Fedora 11 Update: bugzilla-3.2.6-2.fc11
2010-02-09 05:10:39
freebsd
freebsd
bugzilla -- two SQL injections, sensitive data exposure
2009-09-11 00:00:00
gentoo
gentoo
Bugzilla: Multiple vulnerabilities
2010-06-04 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
48.5%
Related for CVE-2009-3125