Lucene search
Ubuntu.comUB:CVE-2012-0465HistoryApr 27, 2012 - 12:00 a.m.
CVE-2012-0465
2012-04-2700:00:00
ubuntu.com
ubuntu.com
12
0.005 Low
EPSS
Percentile
75.1%
Bugzilla 3.5.x and 3.6.x before 3.6.9, 3.7.x and 4.0.x before 4.0.6, and
4.1.x and 4.2.x before 4.2.1, when the inbound_proxies option is enabled,
does not properly validate the X-Forwarded-For HTTP header, which allows
remote attackers to bypass the lockout policy via a series of
authentication requests with (1) different IP address strings in this
header or (2) a long string in this header.
Related
prion
prion
Design/Logic Flaw
2012-04-27 20:55:00
cvelist
cvelist
CVE-2012-0465
2012-04-27 20:00:00
cve
cve
CVE-2012-0465
2012-04-27 20:55:00
openvas
openvas
FreeBSD Ports: bugzilla
2012-04-30 00:00:00
Fedora Update for bugzilla FEDORA-2012-6396
2012-05-04 00:00:00
Fedora Update for bugzilla FEDORA-2012-6282
2012-08-30 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: bugzilla-4.0.6-1.fc17
2012-05-02 04:54:29
[SECURITY] Fedora 15 Update: bugzilla-3.6.9-1.fc15
2012-05-01 00:56:53
[SECURITY] Fedora 16 Update: bugzilla-4.0.6-1.fc16
2012-05-01 00:48:20
nessus
nessus
Fedora 17 : bugzilla-4.0.6-1.fc17 (2012-6282)
2012-05-02 00:00:00
Fedora 16 : bugzilla-4.0.6-1.fc16 (2012-6368)
2012-05-01 00:00:00
Fedora 15 : bugzilla-3.6.9-1.fc15 (2012-6396)
2012-05-01 00:00:00
securityvulns
securityvulns
Security advisory for Bugzilla 4.2.1, 4.0.6 and 3.6.9
2012-04-23 00:00:00
freebsd
freebsd
bugzilla -- multiple vulnerabilities
2012-04-18 00:00:00