Bugzilla HTML Injection and Cross Site Request Forgery Vulnerabilities

Bugtraq ID: 33580
Class: Design Error
CVE: CVE-2009-0481
CVE-2009-0482
CVE-2009-0483
CVE-2009-0484
CVE-2009-0485
Remote: Yes
Local: No
Published: Feb 02 2009 12:00AM
Updated: Apr 13 2015 09:21PM
Credit: Fr&amp;eacute;d&amp;eacute;ric Buclin, Stephen Lee, Jesse Ruderman, Terry Weissman, Max Kanat-Alexander, Teemu Mannermaa, Mozilla Corporation <br>
Vulnerable: Mozilla Bugzilla 3.3.1
Mozilla Bugzilla 3.0.6
Mozilla Bugzilla 3.0.5
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0.2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.0
Mozilla Bugzilla 2.22.6
Mozilla Bugzilla 2.22.5
Mozilla Bugzilla 2.22.4
Mozilla Bugzilla 2.22.3
Mozilla Bugzilla 2.22.2
Mozilla Bugzilla 2.22.1
Mozilla Bugzilla 3.2
Mozilla Bugzilla 2.22 RC1
Mozilla Bugzilla 2.22
Gentoo Linux
Not Vulnerable: Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.2.1
Mozilla Bugzilla 3.0.7
Mozilla Bugzilla 2.22.7


 

Privacy Statement
Copyright 2010, SecurityFocus