VuXML ID | Description |
dc2d76df-a595-11e4-9363-20cf30e32f6d | Bugzilla multiple security issues
Bugzilla Security Advisory
Command Injection
Some code in Bugzilla does not properly utilize 3 arguments form
for open() and it is possible for an account with editcomponents
permissions to inject commands into product names and other
attributes.
Information Leak
Using the WebServices API, a user can possibly execute imported
functions from other non-WebService modules. A whitelist has now
been added that lists explicit methods that can be executed via the
API.
Discovery 2015-01-21 Entry 2015-01-26 bugzilla44
< 4.4.7
CVE-2014-8630
https://bugzilla.mozilla.org/show_bug.cgi?id=1079065
https://bugzilla.mozilla.org/show_bug.cgi?id=1090275
|
9defb2d6-1404-11e4-8cae-20cf30e32f6d | bugzilla -- Cross Site Request Forgery
A Bugzilla Security Advisory reports:
Adobe does not properly restrict the SWF file format,
which allows remote attackers to conduct cross-site
request forgery (CSRF) attacks against Bugzilla's JSONP
endpoint, possibly obtaining sensitive bug information,
via a crafted OBJECT element with SWF content satisfying
the character-set requirements of a callback API.
Discovery 2014-07-24 Entry 2014-07-25 bugzilla44
< 4.4.5
CVE-2014-1546
|
22283b8c-13c5-11e8-a861-20cf30e32f6d | Bugzilla security issues
Bugzilla Security Advisory
A CSRF vulnerability in report.cgi would allow a third-party site
to extract confidential information from a bug the victim had access to.
Discovery 2018-02-16 Entry 2018-02-16 bugzilla44
< 4.4.13
bugzilla50
< 5.0.4
CVE-2018-5123
https://bugzilla.mozilla.org/show_bug.cgi?id=1433400
|
b6587341-4d88-11e4-aef9-20cf30e32f6d | Bugzilla multiple security issues
Bugzilla Security Advisory
Unauthorized Account Creation
An attacker creating a new Bugzilla account can override certain
parameters when finalizing the account creation that can lead to the
user being created with a different email address than originally
requested. The overridden login name could be automatically added
to groups based on the group's regular expression setting.
Cross-Site Scripting
During an audit of the Bugzilla code base, several places
were found where cross-site scripting exploits could occur which
could allow an attacker to access sensitive information.
Information Leak
If a new comment was marked private to the insider group, and a flag
was set in the same transaction, the comment would be visible to
flag recipients even if they were not in the insider group.
Social Engineering
Search results can be exported as a CSV file which can then be
imported into external spreadsheet programs. Specially formatted
field values can be interpreted as formulas which can be executed
and used to attack a user's computer.
Discovery 2014-10-06 Entry 2014-10-06 bugzilla44
< 4.4.6
CVE-2014-1572
CVE-2014-1573
CVE-2014-1571
https://bugzilla.mozilla.org/show_bug.cgi?id=1074812
https://bugzilla.mozilla.org/show_bug.cgi?id=1075578
https://bugzilla.mozilla.org/show_bug.cgi?id=1064140
https://bugzilla.mozilla.org/show_bug.cgi?id=1054702
|
ea893f06-5a92-11e5-98c0-20cf30e32f6d | Bugzilla security issues
Bugzilla Security Advisory
Login names (usually an email address) longer than 127
characters are silently truncated in MySQL which could
cause the domain name of the email address to be
corrupted. An attacker could use this vulnerability to
create an account with an email address different from the
one originally requested. The login name could then be
automatically added to groups based on the group's regular
expression setting.
Discovery 2015-09-10 Entry 2015-09-14 bugzilla44
< 4.4.10
bugzilla50
< 5.0.1
CVE-2015-4499
https://bugzilla.mozilla.org/show_bug.cgi?id=1202447
|
54075861-a95a-11e5-8b40-20cf30e32f6d | Bugzilla security issues
Bugzilla Security Advisory
During the generation of a dependency graph, the code for
the HTML image map is generated locally if a local dot
installation is used. With escaped HTML characters in a bug
summary, it is possible to inject unfiltered HTML code in
the map file which the CreateImagemap function generates.
This could be used for a cross-site scripting attack.
If an external HTML page contains a |