Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2015/10/29 12:0 a.m.24 views

Fedora 21 : bugzilla-4.4.10-1.fc21 (2015-15768)

Security fix for CVE-2015-4499 A security problem was found in supported versions of Bugzilla. Login names longer than 127 characters can be corrupted, which could lead to the creation of a user account with an unexpected email address. Bugzilla 4.4.10 fixes the issue for the 4.4 branch of...

7.5CVSS5.5AI score0.03371EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2015/10/29 12:0 a.m.16 views

Fedora Update for bugzilla FEDORA-2015-15767

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS4.8AI score0.03371EPSS
Exploits1References2
securityvulns
securityvulns
added 2015/10/26 12:0 a.m.94 views

Security advisory for Bugzilla 5.0, 4.4.9, and 4.2.14

Summary ======= Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issue has been discovered in Bugzilla: Login names longer than 127 characters can be corrupted, which could lead to the creation of a user account with an unexpected ema...

7.5CVSS4.3AI score0.03371EPSS
Exploits1
securityvulns
securityvulns
added 2015/10/26 12:0 a.m.75 views

Security Advisory for Bugzilla 5.0.1, 4.4.10 and 4.2.15

Summary ======= Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issue has been discovered in Bugzilla: Login names longer than 127 characters can be corrupted, which could lead to the creation of a user account with an unexpected ema...

7.5CVSS4.3AI score0.03371EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2015/10/06 12:0 a.m.22 views

Fedora 23 : bugzilla-4.4.10-1.fc23 (2015-15769)

Security fix for CVE-2015-4499 A security problem was found in supported versions of Bugzilla. Login names longer than 127 characters can be corrupted, which could lead to the creation of a user account with an unexpected email address. Bugzilla 4.4.10 fixes the issue for the 4.4 branch of...

7.5CVSS5.5AI score0.03371EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/09/21 12:0 a.m.30 views

Bugzilla < 4.2.15 / 4.4.10 / 5.0.1 Unauthorized Account Creation Vulnerability

According to its banner, the version of Bugzilla running on the remote host contains a flaw that causes input passed via the 'login' parameter to be truncated, resulting in domain names of email addresses becoming corrupted. An unauthenticated, remote attacker can exploit this to create accounts...

7.5CVSS5.6AI score0.03371EPSS
Exploits1References2
Check Point Advisories
Check Point Advisories
added 2015/09/20 12:0 a.m.20 views

Bugzilla Mail Authentication Mechanism Bypass (CVE-2015-4499)

An authentication mechanism bypass vulnerability has been found in Bugzilla. Any unauthenticated remote attacker may leverage this vulnerability to gain access to database information regarding unpatched bugs, and exploit them to attack the affected pieces of software before security patches are...

7.5CVSS3AI score0.03371EPSS
Exploits1
ThreatPost
ThreatPost
added 2015/09/17 1:12 p.m.18 views

Bugzilla Privilege Escalation Security Patch

Developers and organizations that use the Bugzilla open source bug-tracking system should upgrade to current versions after the disclosure of details of a vulnerability in its email-based permissions process. The flaw, CVE-2015-4499, was patched last week in versions 4.2.15, 4.4.10 and 5.0.1 afte...

7.5CVSS0.9AI score0.03371EPSS
Exploits1References5
CVE
CVE
added 2015/09/14 1:0 a.m.76 views

CVE-2015-4499

CVE-2015-4499 affects Bugzilla across multiple branches (Bugzilla 2.x/3.x/4.x pre-4.2.15, pre-4.4.10 for 4.x line, and 5.x pre-5.0.1). The flaw mishandles long e-mail addresses during account creation, truncating login names longer than 127 characters (notably an @mozilla.com.example.com address ...

7.5CVSS4.7AI score0.03371EPSS
Exploits1References9Affected Software1
Rows per page
Query Builder