Lucene search

K

6 matches found

CVE
CVE
added 2004/08/18 4:0 a.m.44 views

CVE-2003-1046

describecomponents.cgi in Bugzilla 2.17.3 and 2.17.4 does not properly verify group membership when bug entry groups are used, which allows remote attackers to list component descriptions for otherwise restricted products.

7.5CVSS6.7AI score0.01402EPSS
CVE
CVE
added 2004/08/18 4:0 a.m.44 views

CVE-2004-0769

Buffer overflow in LHA allows remote attackers to execute arbitrary code via long pathnames in LHarc format 2 headers for a .LHZ archive, as originally demonstrated using the "x" option but also exploitable through "l" and "v", and fixed in header.c, a different issue than CVE-2004-0771.

10CVSS7.7AI score0.37949EPSS
CVE
CVE
added 2004/08/18 4:0 a.m.39 views

CVE-2003-1043

SQL injection vulnerability in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote authenticated users with editkeywords privileges to execute arbitrary SQL via the id parameter to editkeywords.cgi.

10CVSS7.8AI score0.00895EPSS
CVE
CVE
added 2004/08/18 4:0 a.m.38 views

CVE-2003-1045

votes.cgi in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote attackers to read a user's voting page when that user has voted on a restricted bug, which allows remote attackers to read potentially sensitive voting information by modifying the who parameter.

5CVSS6.2AI score0.00838EPSS
CVE
CVE
added 2004/08/18 4:0 a.m.33 views

CVE-2003-1042

SQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and earlier allows remote authenticated users with editproducts privileges to execute arbitrary SQL via the product name.

10CVSS7.8AI score0.00569EPSS
CVE
CVE
added 2004/08/18 4:0 a.m.32 views

CVE-2003-1044

editproducts.cgi in Bugzilla 2.16.3 and earlier, when usebuggroups is enabled, does not properly remove group add privileges from a group that is being deleted, which allows users with those privileges to perform unauthorized additions to the next group that is assigned with the original group ID.

7.5CVSS6.5AI score0.00733EPSS