35 matches found
CVE-2015-4499
CVE-2015-4499 affects Bugzilla across multiple branches (Bugzilla 2.x/3.x/4.x pre-4.2.15, pre-4.4.10 for 4.x line, and 5.x pre-5.0.1). The flaw mishandles long e-mail addresses during account creation, truncating login names longer than 127 characters (notably an @mozilla.com.example.com address ...
CVE-2010-4568
CVE-2010-4568 affects Bugzilla 2.14–2.22.7; 3.0.x–3.2.x before 3.2.10; 3.4.x before 3.4.10; 3.6.x before 3.6.4; and 4.0.x before 4.0rc2, where cookies/tokens were generated with an insufficient number of srand calls, allowing remote attackers to gain access to arbitrary Bugzilla accounts via unsp...
CVE-2009-3165
CVE-2009-3165 is a SQL injection vulnerability affecting Bugzilla 2.23.4–3.0.8, 3.1.1–3.2.4, and 3.3.1–3.4.1 via Bug.create WebService parameters, enabling remote arbitrary SQL execution. Connected advisories confirm impact and remediation guidance, notably Gentoo GLSA 2010-06-19 recommending upg...
CVE-2005-4534
CVE-2005-4534 affects Bugzilla versions 2.9–2.16.10 via the shadow database (syncshadowdb). A local user can exploit insecure temporary file handling to perform a symlink attack and overwrite files Bugzilla can access, potentially leading to denial of service. The advisory notes that newer versio...
CVE-2003-0013
CVE-2003-0013 concerns Bugzilla’s default .htaccess behavior. The bug is that backups of localconfig created by editors (e.g., vi, Emacs; often .swp or ~ files) were not blocked by the default .htaccess, potentially allowing remote attackers to download a backup and obtain the database password. ...
CVE-2008-4437
CVE-2008-4437 describes a directory traversal vulnerability in Bugzilla’s importxml.pl when --attach_path is enabled. It affects Bugzilla versions before 2.22.5 and 3.x before 3.0.5, allowing a remote attacker to read arbitrary files by placing a .. in the data element of an XML file. The issue’s...
CVE-2002-0804
Bugzilla 2.14 (before 2.14.2) and 2.16 (before 2.16rc2) are vulnerable when configured to perform reverse DNS lookups. Remote attackers can bypass IP-based access restrictions by connecting from a host with a spoofed reverse DNS hostname. The provided materials do not specify a patch or workaround.
CVE-2001-1402
Bugzilla before 2.14 does not properly escape untrusted parameters, enabling cross-site scripting (XSS) and potentially SQL injection via multiple input points. Affected areas include reports.cgi (product/output form variables), showvotes.cgi (voteon, bug_id, user), createaccount.cgi (email), sho...
CVE-2003-1046
The CVE-2003-1046 entry concerns Bugzilla versions 2.17.3 and 2.17.4. Describecomponents.cgi fails to properly verify group membership when bug entry groups are used, allowing remote attackers to list component descriptions for products that should be restricted. The core issue is an insufficient...
CVE-2009-3125
CVE-2009-3125 : Bugzilla 3.3.2–3.4.1 and 3.5 are affected by an SQL injection in the Bug.search WebService, allowing remote attackers to execute arbitrary SQL via unspecified parameters. The issue is within Bugzilla’s web service layer and is tied to untrusted input used in SQL queries. Several c...
CVE-2001-1407
Bugzilla before 2.14 is vulnerable: users can bypass group security by marking a bug as a duplicate of a restricted bug, which adds the user to the restricted bug’s CC list and lets them view it. Affected: Bugzilla ≤ 2.13 (pre-2.14). Root cause: bypass of group security checks via duplicate marki...
CVE-2004-0707
CVE-2004-0707 describes an SQL injection in Bugzilla’s editusers.cgi. The issue affects Bugzilla 2.16.x before 2.16.6 and 2.18 before 2.18rc1, allowing remote attackers with privileges to grant membership to any group to execute arbitrary SQL. The connected information confirms the vulnerable com...
CVE-2000-0421
The CVE-2000-0421 entry corresponds to a vulnerability in Bugzilla where the process_bug.cgi script fails to sanitize user-supplied data, enabling remote arbitrary command execution. Technical documentation from connected sources confirms this flaw affects Bugzilla’s remote command execution via ...
CVE-2001-0329
Bugzilla 2.10 is vulnerable to remote arbitrary command execution via shell metacharacters in a username, processed by (1) the Bugzilla_login cookie in post_bug.cgi or (2) the who parameter in process_bug.cgi. The root cause is lack of input sanitization in the CGI workflow, enabling an attacker ...
CVE-2009-0486
CVE-2009-0486 (Bugzilla) affects Bugzilla 3.2.1, 3.0.7, and 3.3.2 when run under mod_perl, where startup srand seeds produce identical pseudorandom numbers for tokens, allowing remote attackers to bypass CSRF protections and perform actions as other users. The vulnerability is documented with a b...
CVE-2007-0792
The CVE-2007-0792 entry describes a vulnerability in Bugzilla 2.23.3 where the mod_perl initialization script fails to set the Bugzilla Apache configuration to permit .htaccess overrides of file permissions. This allows remote attackers to directly request the localconfig file and obtain the data...
CVE-2004-0703
CVE-2004-0703 describes a privilege-escalation issue in Bugzilla’s administrative controls. Versions 2.17.1–2.17.7 allow users with grant membership privileges to grant memberships to groups the user does not control, enabling broader access within the Bugzilla installation. The vulnerability is ...
CVE-2007-5038
CVE-2007-5038 affects Bugzilla WebService: offer_account_by_email in User.pm does not validate the createemailregexp parameter, permitting remote creation of accounts that would be denied by the email regexp. Affected versions are Bugzilla before 3.0.2 and 3.1.x before 3.1.2. Exploitation would b...
CVE-2001-1401
Bugzilla before 2.14 contains an access-control flaw where confidential bugs can be viewed by manipulating bug id parameters in multiple scripts (process_bug.cgi, show_activity.cgi, showvotes.cgi, showdependencytree.cgi, showdependencygraph.cgi, showattachment.cgi, describecomponents.cgi). The un...
CVE-2002-0808
Bugzilla 2.14 before 2.14.2 and 2.16 before 2.16rc2 suffers a mass-change bug that resets the groupset of all bugs to the groupset of the first bug, potentially yielding insecure groupset permissions on some bugs. Affected components: Bugzilla mass-update logic affecting bug groupsets. Root cause...
CVE-2002-1196
CVE-2002-1196 affects Bugzilla: when using the “usebuggroups” feature and more than 47 groups are specified, editproducts.cgi in Bugzilla 2.14.x (before 2.14.4) and 2.16.x (before 2.16.1) does not correctly calculate bit values for large numbers, allowing extra permissions to be granted via Perl ...
CVE-2001-0330
Bugzilla 2.10 contains a vulnerability where a remote attacker can access the database username and password by requesting the globals.pl file, which is served as plain text by the web server. The issue arises from exposing sensitive configuration data in a Perl CGI file. A fix is available in Bu...
CVE-2006-0915
CVE-2006-0915 concerns Bugzilla 2.16.10, where the application does not properly handle certain characters in the attachments parameters (maxpatchsize and maxattachmentsize) in attachment.cgi. This improper input handling can cause a remote SQL error, per the NVD description. The connected docume...
CVE-2002-0807
CVE-2002-0807: Cross-site scripting in Bugzilla affects versions 2.14 before 2.14.2 and 2.16 before 2.16rc2. Root cause: the real name field is not properly quoted by editusers.cgi, allowing remote attackers to run script as other Bugzilla users. Impact: partial confidentiality/integrity/availabi...
CVE-2002-0809
Bugzilla 2.14 before 2.14.2 and 2.16 before 2.16rc2 mishandles URL-encoded field names generated by some browsers, causing certain fields to appear unset and resulting in removal of group permissions on bugs when buglist.cgi is used with the encoded field names. Affected components: Bugzilla bug ...
CVE-2002-1198
This CVE (CVE-2002-1198) affects Bugzilla 2.16.x prior to 2.16.1. The issue is an SQL injection vulnerability during account creation caused by improper filtering of apostrophes in the email address, enabling remote attackers to execute arbitrary SQL. Affected component: Bugzilla account creation...
CVE-2005-1564
Bugzilla 2.10–2.18, 2.19.1, 2.19.2 contains a vulnerability in post_bug.cgi where a remote authenticated user can enter bugs into products that are closed for bug entry by altering the product name in the URL. The root cause is improper handling of product-name validation in the bug-entry flow, a...
CVE-2002-0811
CVE-2002-0811 affects Bugzilla: versions 2.14 before 2.14.2 and 2.16 before 2.16rc2. The vulnerability allows remote attackers to cause a denial of service or execute certain queries via a SQL injection in the sort order parameter of buglist.cgi. Connected sources also link multiple related CVEs ...
CVE-2002-0008
CVE-2002-0008 affects Bugzilla prior to 2.14.1. The vulnerability allows remote attackers to impersonate users: (1) spoof a user comment by sending a request to process_bug.cgi using the who parameter instead of the Bugzilla_login cookie, and (2) post a bug as another user by altering the reporte...
CVE-2006-0916
Bugzilla 2.19.3 through 2.20 contains a URL handling flaw during login redirects: sequences like // can cause a form action to be built with a URL to a different domain, potentially exposing form data to an unintended site. This is documented in multiple connected sources (e.g., PRION entry and N...
CVE-2002-0010
Bugzilla prior to 2.14.1 contains multiple input handling flaws that enable remote SQL injection and file creation, potentially elevating privileges. Specifically, via: (1) sql parameter in buglist.cgi, (2) invalid field names in the boolean chart query in buglist.cgi, (3) mybugslink parameter in...
CVE-2002-1197
CVE-2002-1197 affects Bugzilla versions 2.14.x before 2.14.4 and 2.16.x before 2.16.1. A flaw in bugzilla_email_append.pl allows remote attackers to execute arbitrary code by injecting shell metacharacters into a system call to processmail. The vulnerability is introduced in the email processing ...
CVE-2001-1403
This CVE (CVE-2001-1403) affects Bugzilla prior to version 2.14, where username and password were included in URLs. The underlying issue is credentials exposed in URLs, which could enable attackers to gain privileges by reading web server access logs or by shoulder-surfing and observing the brows...
CVE-2001-1404
CVE-2001-1404 describes a vulnerability in Bugzilla prior to version 2.14 where passwords were stored in plaintext and password requests could be sent via email. The underlying issue is insecure password handling, enabling privilege escalation if an attacker could access or intercept credentials....
CVE-2003-1044
CVE-2003-1044 affects Bugzilla 2.16.3 and earlier where, when usebuggroups is enabled, deleting a group fails to remove its group add privileges. This allows users with those privileges to perform unauthorized additions to the next group assigned the original group ID. The root cause is improper ...