Bugzilla process_bug.cgi Arbitrary Keyword Removal

2004-10-24T11:20:15
ID OSVDB:11114
Type osvdb
Reporter OSVDB
Modified 2004-10-24T11:20:15

Description

Solution Description

Upgrade to version 2.16.7, 2.18rc3, 2.19.1 development snapshot or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://www.bugzilla.org/ Vendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=252638 Security Tracker: 1011924 Secunia Advisory ID:12939 Secunia Advisory ID:13299 Related OSVDB ID: 11116 Related OSVDB ID: 11115 Other Advisory URL: http://www.bugzilla.org/security/2.16.6/ Other Advisory URL: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000896 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-10/0251.html ISS X-Force ID: 17840 CVE-2004-1633