Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable8606.PRM
HistoryFeb 09, 2015 - 12:00 a.m.

Bugzilla < 4.0.15 / 4.2.11 / 4.4.6 / 4.5.6 Multiple Vulnerabilities

2015-02-0900:00:00
Tenable
www.tenable.com
9
JSON

The remote host is running Bugzilla, a bug-tracking software with a web interface. The version of Bugzilla on the remote host is susceptible to the following vulnerabilities :

  • A security-bypass vulnerability because it fails to verify the email id during account creation. Specifically, this issue occurs because the login names are automatically added to groups based on the domain. This issue affects the ‘realname’ parameter.(CVE-2014-1572)

  • Multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input submitted to CGI arguments.(CVE-2014-1573)

  • An information disclosure vulnerability because a flag mail recipient who is not in an insider group can view the private comments.(CVE-2014-1571)

Binary data 8606.prm
VendorProductVersionCPE
mozillabugzillacpe:/a:mozilla:bugzilla

Related

nessus 8
securityvulns 3
fedora 5
openvas 6
freebsd 2
mageia 1
gentoo 1
thn 1
ubuntucve 4
checkpoint_advisories 1
prion 4
cve 4
debiancve 1
nessus
nessus
Bugzilla < 4.0.15 / 4.2.11 / 4.4.6 / 4.5.6 Multiple Vulnerabilities
2014-10-06 00:00:00
FreeBSD : Bugzilla multiple security issues (b6587341-4d88-11e4-aef9-20cf30e32f6d)
2014-10-07 00:00:00
Mandriva Linux Security Advisory : bugzilla (MDVSA-2014:200)
2014-10-22 00:00:00
securityvulns
securityvulns
Security advisory for Bugzilla 4.5.6, 4.4.6, 4.2.11, and 4.0.15
2014-10-14 00:00:00
[ MDVSA-2014:200 ] bugzilla
2014-11-03 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2014-11-03 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: bugzilla-4.4.6-1.fc21
2014-11-01 17:10:00
[SECURITY] Fedora 20 Update: bugzilla-4.2.11-1.fc20
2014-10-22 08:51:49
[SECURITY] Fedora 19 Update: bugzilla-4.2.11-1.fc19
2014-10-22 08:50:36
openvas
openvas
Fedora Update for bugzilla FEDORA-2014-12530
2014-10-23 00:00:00
Mageia: Security Advisory (MGASA-2014-0412)
2022-01-28 00:00:00
Fedora Update for bugzilla FEDORA-2014-12584
2014-10-23 00:00:00
freebsd
freebsd
Bugzilla multiple security issues
2014-10-06 00:00:00
ikiwiki -- multiple vulnerabilities
2016-12-19 00:00:00
mageia
mageia
Updated bugzilla packages fix security vulnerabilities
2014-10-09 18:39:32
gentoo
gentoo
Bugzilla: Multiple vulnerabilities
2016-07-20 00:00:00
thn
thn
Zero-Day in Bugzilla Exposes Zero-Day Vulnerabilities to Hackers
2014-10-06 22:37:00
ubuntucve
ubuntucve
CVE-2014-1572
2014-10-13 00:00:00
CVE-2014-1573
2014-10-13 00:00:00
CVE-2014-1571
2014-10-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Bugzilla Privilege Escalation - Email Validation Bypass (CVE-2014-1572)
2014-10-02 00:00:00
prion
prion
Design/Logic Flaw
2014-10-13 01:55:00
Cross site scripting
2014-10-13 01:55:00
Design/Logic Flaw
2014-10-13 01:55:00
cve
cve
CVE-2014-1572
2014-10-13 01:55:00
CVE-2014-1573
2014-10-13 01:55:00
CVE-2014-1571
2014-10-13 01:55:00
debiancve
debiancve
CVE-2016-9646
2018-04-13 15:29:00
JSON
Related for 8606.PRM
nessus8securityvulns3fedora5openvas6freebsd2mageia1gentoo1thn1ubuntucve4checkpoint_advisories1prion4cve4debiancve1