CVE-2012-5883

CVE-2012-5883 is a cross-site scripting (XSS) vulnerability in the Flash component infrastructure of YUI (versions 2.8.0–2.9.0) used by Bugzilla 3.7.x/4.0.x (before 4.0.9), 4.1.x/4.2.x (before 4.2.4), and 4.3.x/4.4.x (before 4.4rc1). The issue allows remote attackers to inject arbitrary script/HT...

CVE-2010-4567

CVE-2010-4567 affects Bugzilla: whitespace before javascript: or data: in the URL field allows XSS. Affected versions per description: Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2. Public notices across multiple advisories confirm the issue and provide ...

CVE-2010-3172

CVE-2010-3172 describes a CRLF injection/HTTP response-splitting vulnerability in Bugzilla when Server Push is enabled, allowing a crafted URL to inject arbitrary HTTP headers and content. Affected Bugzilla versions: 3.2.9 and later within 3.2.x; 3.4.x before 3.4.9; 3.6.x before 3.6.3; 4.0.x befo...

CVE-2003-0012

CVE-2003-0012 (Bugzilla) is associated with Bugzilla data/mining directory being set to world-writable when the data collection script runs, enabling local modification or deletion of collected data. The vulnerability is documented in Debian DSA-230-1 and Debian/NVD entries, with affected Bugzill...

CVE-2014-1572

CVE-2014-1572 affects Bugzilla 2.x through 4.5.x where confirm_create_account in token.cgi does not enforce scalar context for the realname parameter. This allows remote attackers to create accounts with unverified e-mail addresses by sending three realname values, with realname=login_name as the...

CVE-2011-2379

CVE-2011-2379 is a cross-site scripting issue in Bugzilla related to viewing patches in Raw Unified mode . The vulnerability arises because an alternate host used for attachments when viewing them in raw format is also used for patches, and it is exploited when users use Internet Explorer < 9 ...

CVE-2006-5453

CVE-2006-5453 affects Bugzilla 2.18.x before 2.18.6, 2.20.x before 2.20.3, 2.22.x before 2.22.1, and 2.23.x before 2.23.3. The description cites multiple cross-site scripting (XSS) vulnerabilities allowing remote authenticated users to inject arbitrary web script or HTML via: (1) page headers in ...

CVE-2013-1743

CVE-2013-1743 is a cross-site scripting (XSS) vulnerability in Bugzilla’s report.cgi used to build tabular reports. It allows remote attackers to inject arbitrary script/HTML via a field value (e.g., the sum mary or real name) during report construction, due to an incomplete fix for CVE-2012-4189...

CVE-2015-4499

CVE-2015-4499 affects Bugzilla across multiple branches (Bugzilla 2.x/3.x/4.x pre-4.2.15, pre-4.4.10 for 4.x line, and 5.x pre-5.0.1). The flaw mishandles long e-mail addresses during account creation, truncating login names longer than 127 characters (notably an @mozilla.com.example.com address ...

CVE-2004-0769

CVE-2004-0769 : Buffer overflow in LHarc/LHA handling of long pathnames in LHarc format (2 headers for .LHZ) allows remote code execution. The issue is fixed in the header.c code path (different from CVE-2004-0771). Affected in LHarc/LHA upstream releases; multiple advisories reference this vulne...

CVE-2010-4572

CVE-2010-4572 is a CRLF/header injection vulnerability in Bugzilla that can be triggered via the query string to inject HTTP headers and enable HTTP response splitting. Debian’s security advisory DSA-2322-1 explicitly lists this CVE among vulnerabilities in Bugzilla and notes that the issue was f...

CVE-2012-3981

Bugzilla contains an LDAP username handling flaw in Auth/Verify/LDAP.pm that does not restrict characters, potentially allowing remote attackers to inject data into an LDAP directory via crafted login attempts. Affected versions include Bugzilla 2.x/3.x before 3.6.11, 3.7.x and 4.0.x before 4.0.8...

CVE-2013-1742

The CVE-2013-1742 issue affects Bugzilla’s editflagtypes.cgi across multiple releases. Vulnerable versions include Bugzilla 2.x, 3.x, and 4.0.x prior to 4.0.11; 4.1.x and 4.2.x prior to 4.2.7; and 4.3.x and 4.4.x prior to 4.4.1. The root cause is improper validation of parameters (id, sortkey), e...

CVE-2004-1061

CVE-2004-1061 is an XSS vulnerability in Bugzilla prior to 2.18 (and in 2.16.x prior to 2.16.11). An attacker could inject arbitrary HTML/script via forced error messages, using the action parameter. Affected versions include Bugzilla < 2.18.0 and 2.16.x

CVE-2010-4569

CVE-2010-4569 is an XSS vulnerability in Bugzilla affecting versions 3.7.1, 3.7.2, 3.7.3, and 4.0rc1. The issue arises in Bugzilla’s user account real name field, related to the YUI AutoComplete widget, allowing remote attackers to inject arbitrary script/HTML. The connected records confirm the B...

CVE-2011-2977

Bugzilla 3.6.x (up to 3.6.5), 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 on Windows fail to delete temporary files created for uploaded attachments, allowing local users to read sensitive data. Root cause: regression in 3.6. Additionally, the vulnerability is limited to Windows builds as s...

CVE-2015-8509

CVE-2015-8509 affects Bugzilla templates (Template.pm) across Bugzilla 2.x, 3.x, 4.x up to 4.2.16/4.3.x and 4.4.x up to 4.4.11, and 4.5.x–5.0.x up to 5.0.2. The issue stems from improper CSV construction that, when a CSV is interpreted as JavaScript by a browser, may leak sensitive information. T...

CVE-2016-2803

CVE-2016-2803 is a cross-site scripting vulnerability in Bugzilla’s dependency graphs affecting versions 2.16rc1–4.4.11 and 4.5.1–5.0.2. The issue allows remote attackers to inject arbitrary web script or HTML. OpenVAS and Fedora advisories confirm the bug is exploitable via the Bugzilla dependen...

CVE-2010-2470

CVE-2010-2470 affects Bugzilla’s Install/Filesystem.pm in Bugzilla versions 3.5.1–3.6.1 and 3.7–3.7.1 when use_suexec is enabled. It allows local users to read potentially sensitive data due to world-readable permissions inside the directories in question: (.bzr/ and data/webdot/), per the descri...

CVE-2011-2380

CVE-2011-2380 affects Bugzilla and allows remote attackers to determine the existence of private group names by crafting parameters during bug creation or editing. Affected versions include Bugzilla 2.23.3–2.22.7, 3.0.x–3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4....

CVE-2011-2979

Technical details for CVE-2011-2979 are not publicly available in the provided connected documents; monitor for updates. The materials reference the CVE but do not supply affected products, root cause, or fixes.

CVE-2012-4189

CVE-2012-4189 is a cross-site scripting (XSS) vulnerability in Bugzilla where an attacker can inject arbitrary script/HTML via a field value (notably the Version field) when constructing a tabular report. Affected are Bugzilla 4.1.x and 4.2.x before 4.2.4; and 4.3.x and 4.4.x before 4.4rc1. The u...

CVE-2007-4543

CVE-2007-4543 is a cross-site scripting (XSS) vulnerability in Bugzilla. According to the provided sources, it affects the bug filing form in Bugzilla’s guided form via the buildid parameter. A remote attacker could inject arbitrary script/HTML, enabling credential theft or session compromise. Af...

CVE-2010-4568

CVE-2010-4568 affects Bugzilla 2.14–2.22.7; 3.0.x–3.2.x before 3.2.10; 3.4.x before 3.4.10; 3.6.x before 3.6.4; and 4.0.x before 4.0rc2, where cookies/tokens were generated with an insufficient number of srand calls, allowing remote attackers to gain access to arbitrary Bugzilla accounts via unsp...

CVE-2013-1734

CVE-2013-1734 is a CSRF vulnerability in Bugzilla's attachment.cgi that allows remote attackers to hijack user authentication for requests that modify an attachment via an update action. Affected products/versions include Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; a...

CVE-2003-0602

CVE-2003-0602 affects Bugzilla 2.16.x up to 2.16.2 and 2.17.x up to 2.17.3, where remote attackers could inject arbitrary HTML or script. The flaws are in two vectors: (1) default German/Russian HTML templates, and (2) ALT and NAME attributes in AREA tags used by GraphViz-based local dependency g...

CVE-2009-0481

The CVE-2009-0481 issue affects Bugzilla 2.x (before 2.22.7), 3.0 (before 3.0.7), 3.2 (before 3.2.1), and 3.3 (before 3.3.2). It allows remote authenticated users to perform cross-site scripting by uploading HTML/JavaScript attachments that are rendered by browsers. The NVD CVSSv2 score is 3.5 (L...

CVE-2009-3989

CVE-2009-3989 affects Bugzilla prior to fixed versions: 3.0.11, 3.2.x before 3.2.6, 3.4.x before 3.4.5, and 3.5.x before 3.5.3. The issue allows remote attackers to obtain sensitive information by requesting directories used for custom installations (e.g., CVS/, contrib/, docs/en/xml/, t/, old-pa...

CVE-2010-2756

CVE-2010-2756 : Bugzilla's Search.pm exposes group membership information of arbitrary users via the Search interface (including boolean charts and group-based pronouns). Affects Bugzilla versions: 2.19.1–3.2.7, 3.3.1–3.4.7, 3.5.1–3.6.1, and 3.7–3.7.2. This constitutes an information disclosure v...

CVE-2011-0046

CVE-2011-0046 affects Bugzilla prior to 3.2.10, 3.4.x prior to 3.4.10, 3.6.x prior to 3.6.4, and 4.0.x prior to 4.0rc2, enabling CSRF to hijack user authentication for actions such as adding saved searches, voting, sanity checks, charting, column changes, and quips. Public sources in the connecte...

CVE-2012-0466

CVE-2012-0466 affects Bugzilla 2.x/3.x prior to 3.6.9, 3.7.x, and 4.0.x prior to 4.0.6, as well as 4.1.x and 4.2.x prior to 4.2.1. The flaw is in template/en/default/list/list.js.tmpl that does not properly handle multiple logins, enabling remote attackers to perform cross-site scripting (XSS) an...

CVE-2014-8630

CVE-2014-8630 affects Bugzilla versions across 4.0.x to 5.x before specific fixed points. The underlying issue is a command injection via a two-argument Perl open call when a crafted input is given in a product name, exploitable by remote authenticated users with editcomponents privilege. Impact ...

CVE-2011-0048

CVE-2011-0048 affects Bugzilla: the URL field (bug_file_loc) can contain javascript: or data: URIs. The issue allows cross-site scripting against logged-out users when the URI is crafted in certain Bugzilla versions (3.2.x up to 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, 4.0.x before 4.0rc2...

CVE-2013-0785

CVE-2013-0785 : A cross-site scripting (XSS) vulnerability exists in Bugzilla’s show_bug.cgi whereby an attacker can inject arbitrary script/HTML via the id parameter when used with an invalid format parameter. Affected Bugzilla branches include 3.6.x, 3.7.x, 4.0.x before 4.0.10, 4.1.x, 4.2.x bef...

CVE-2015-8508

CVE-2015-8508 is a cross-site scripting (XSS) vulnerability in Bugzilla’s showdependencygraph.cgi. The attacker can inject arbitrary script/HTML via a crafted bug summary when a local dot configuration is used. Affected products/versions include Bugzilla 2.x, 3.x, and 4.x before 4.2.16; 4.3.x and...

CVE-2005-4534

CVE-2005-4534 affects Bugzilla versions 2.9–2.16.10 via the shadow database (syncshadowdb). A local user can exploit insecure temporary file handling to perform a symlink attack and overwrite files Bugzilla can access, potentially leading to denial of service. The advisory notes that newer versio...

CVE-2012-0440

CVE-2012-0440 is a CSRF vulnerability in Bugzilla’s JSON-RPC API (jsonrpc.cgi) that could allow an attacker to hijack the authentication of arbitrary users for JSON-RPC requests. Affected Bugzilla versions include 3.5.x and 3.6.x before 3.6.8, 3.7.x and 4.0.x before 4.0.4, and 4.1.x and 4.2.x bef...

CVE-2003-0013

CVE-2003-0013 concerns Bugzilla’s default .htaccess behavior. The bug is that backups of localconfig created by editors (e.g., vi, Emacs; often .swp or ~ files) were not blocked by the default .htaccess, potentially allowing remote attackers to download a backup and obtain the database password. ...

CVE-2009-3165

CVE-2009-3165 is a SQL injection vulnerability affecting Bugzilla 2.23.4–3.0.8, 3.1.1–3.2.4, and 3.3.1–3.4.1 via Bug.create WebService parameters, enabling remote arbitrary SQL execution. Connected advisories confirm impact and remediation guidance, notably Gentoo GLSA 2010-06-19 recommending upg...

CVE-2011-2381

Summary: CVE-2011-2381 is a CRLF injection vulnerability in Bugzilla that allows remote attackers to inject arbitrary email headers via an attachment description in a flagmail notification. The initial description lists affected versions: Bugzilla 2.17.1–2.22.7, 3.0.x–3.3.x, 3.4.x before 3.4.12, ...

CVE-2013-1733

CVE-2013-1733 affects Bugzilla 4.4.x prior to 4.4.1. A CSRF flaw in process_bug.cgi enables remote attackers to hijack a user’s session to modify bugs via requests authenticated with a midair-collision token. CVSSv2 base score 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P). Remediation: upgrade to Bugzilla 4.4...

CVE-2014-1571

Bugzilla is affected in multiple lines: vulnerable components are Bugzilla versions 2.x–4.0.x (pre-4.0.15), 4.1.x, 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6. The flaw allows remote authenticated users to obtain sensitive private-comment information by abusing a rol...

CVE-2001-1406

CVE-2001-1406 affects Bugzilla prior to 2.14. The vulnerability occurs when moving a bug between product groups, where the groupset flag is not updated, causing the bug to retain the old group’s (potentially less stringent) restrictions. This is a local issue with low public impact per the CVSS v...

CVE-2009-3386

The CVE-2009-3386 vulnerability affects Bugzilla versions 3.3.2–3.4.3 and 3.5–3.5.1, where Template.pm allows an attacker to remotely read the alias of a private bug by inspecting the Related Bug fields (Depends On or Blocks). The underlying issue is an information-disclosure path in Bugzilla’s t...

CVE-2008-4437

CVE-2008-4437 describes a directory traversal vulnerability in Bugzilla’s importxml.pl when --attach_path is enabled. It affects Bugzilla versions before 2.22.5 and 3.x before 3.0.5, allowing a remote attacker to read arbitrary files by placing a .. in the data element of an XML file. The issue’s...

CVE-2010-1204

CVE-2010-1204 concerns Bugzilla versions 2.17.1–3.7 where the Search.pm module mishandles a crafted boolean chart search URL, potentially exposing sensitive time-tracking data to remote attackers. The vulnerability arises from inadequate input handling in the search feature, enabling information ...

CVE-2005-2174

CVE-2005-2174 concerns Bugzilla where Bugzilla 2.17.x, 2.18 before 2.18.2, 2.19.x, and 2.20 before 2.20rc1 insert bugs before they are private, enabling a race condition that can expose bug details via buglist.cgi before MySQL replication completes. Connected references corroborate the flaw and i...

CVE-2009-0485

CVE-2009-0485 is a CSRF vulnerability in Bugzilla affecting 2.17–2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2. An attacker can cause deletion of unused flag types by delivering a crafted link or IMG tag to editflagtypes.cgi. The root cause is CSRF without sufficient user inter...

CVE-2009-3166

Bugzilla 3.4rc1–3.4.1 vulnerability: token.cgi places a password in the login URL after a reset, allowing context-dependent attackers to obtain passwords via web server access logs, Referer logs, or browser history. The provided documents confirm Bugzilla involvement and CVE-2009-3166, but do not...

CVE-2001-1407

Bugzilla before 2.14 is vulnerable: users can bypass group security by marking a bug as a duplicate of a restricted bug, which adds the user to the restricted bug’s CC list and lets them view it. Affected: Bugzilla ≤ 2.13 (pre-2.14). Root cause: bypass of group security checks via duplicate marki...