Bugzilla usevisibilitygroups Setting User Matching Bypass

2005-09-30T06:05:04
ID OSVDB:19812
Type osvdb
Reporter OSVDB
Modified 2005-09-30T06:05:04

Description

Solution Description

Upgrade to version 2.20 (stable), 2.21.1 (devel) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=308662 Secunia Advisory ID:17030 Related OSVDB ID: 19811 Other Advisory URL: http://www.bugzilla.org/security/2.18.4/ Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-09/0373.html CVE-2005-3139 Bugtraq ID: 14996