|
|
Bugzilla HTML Injection and Cross Site Request Forgery Vulnerabilities
|
Bugtraq ID:
|
33580
|
|
Class:
|
Design Error
|
|
CVE:
|
CVE-2009-0481
CVE-2009-0482
CVE-2009-0483
CVE-2009-0484
CVE-2009-0485
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Feb 02 2009 12:00AM
|
|
Updated:
|
Mar 19 2009 06:06PM
|
|
Credit:
|
Frédéric Buclin, Stephen Lee, Jesse Ruderman, Terry Weissman, Max Kanat-Alexander, Teemu Mannermaa, Mozilla Corporation
|
|
Vulnerable:
|
RedHat Fedora 9 0
RedHat Fedora 10
Mozilla Bugzilla 3.3.1
Mozilla Bugzilla 3.0.6
Mozilla Bugzilla 3.0.5
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0.2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.0
Mozilla Bugzilla 2.22.6
Mozilla Bugzilla 2.22.5
Mozilla Bugzilla 2.22.4
Mozilla Bugzilla 2.22.3
Mozilla Bugzilla 2.22.2
Mozilla Bugzilla 2.22.1
Mozilla Bugzilla 3.2
Mozilla Bugzilla 2.22 RC1
Mozilla Bugzilla 2.22
|
|
|
|
Not Vulnerable:
|
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.2.1
Mozilla Bugzilla 3.0.7
Mozilla Bugzilla 2.22.7
|
|
|
