9 matches found
CVE-2009-3125
SQL injection vulnerability in the Bug.search WebService function in Bugzilla 3.3.2 through 3.4.1, and 3.5, allows remote attackers to execute arbitrary SQL commands via unspecified parameters...
Fedora Update for bugzilla FEDORA-2010-1458
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Mozilla Bugzilla 'Bug.search()' WebService Function SQL Injection Vulnerability
Bugzilla is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying...
Fedora Core 11 FEDORA-2009-9554 (bugzilla)
The remote host is missing an update to bugzilla announced via advisory FEDORA-2009-9554. OpenVAS Vulnerability Test $Id: fcore20099554.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-9554 bugzilla Authors: Thomas Reinke Copyright: Copyright c 2009...
Fedora 11 : bugzilla-3.2.5-1.fc11 (2009-9554)
Update to upstream version 3.2.5 fixing two SQL injection security flaws CVE-2009-3125, CVE-2009-3165 detailed in the upstream security advisory: http://www.bugzilla.org/security/3.0.8/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
Fedora 10 : bugzilla-3.2.5-1.fc10 (2009-9550)
Update to upstream version 3.2.5 fixing two SQL injection security flaws CVE-2009-3125, CVE-2009-3165 detailed in the upstream security advisory: http://www.bugzilla.org/security/3.0.8/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
Fedora Core 10 FEDORA-2009-9550 (bugzilla)
The remote host is missing an update to bugzilla announced via advisory FEDORA-2009-9550. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by t...
CVE-2009-3125
CVE-2009-3125 : Bugzilla 3.3.2–3.4.1 and 3.5 are affected by an SQL injection in the Bug.search WebService, allowing remote attackers to execute arbitrary SQL via unspecified parameters. The issue is within Bugzilla’s web service layer and is tied to untrusted input used in SQL queries. Several c...
Bugzilla < 3.0.9/3.2.5/3.4.2 Multiple Vulnerabilities
Binary data 5169.prm...