CVE-2011-3669
https://notcve.org/view.php?id=CVE-2011-3669
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2rc1 allows remote attackers to hijack the authentication of arbitrary users for requests that upload attachments. Vulnerabilidad de falsificación de petición en sitios cruzados (CSRF)en attachment.cgi en Bugzilla v2.x, v3.x, y v4.x antes de v4.2rc1, permite a atacantes remotos secuestrar la autenticación de usuarios de su elección para peticiones que suben adjuntos • http://secunia.com/advisories/47368 http://www.bugzilla.org/security/3.4.12 https://bugzilla.mozilla.org/show_bug.cgi?id=703983 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2011-3667
https://notcve.org/view.php?id=CVE-2011-3667
The User.offer_account_by_email WebService method in Bugzilla 2.x and 3.x before 3.4.13, 3.5.x and 3.6.x before 3.6.7, 3.7.x and 4.0.x before 4.0.3, and 4.1.x through 4.1.3, when createemailregexp is not empty, does not properly handle user_can_create_account settings, which allows remote attackers to create user accounts by leveraging a token contained in an e-mail message. El método WebService User.offer_account_by_email en Bugzilla v2.x y v3.x antes de v3.4.13, en v3.5.x y v3.6.x antes de v3.6.7, en v3.7.x,en v4.0.x antes de v4.0.3 y en v4.1.x hasta la v4.1.3, cuando createemailregexp no está vacío, no controla correctamente la propiedad de configuración user_can_create_account, lo que permite a atacantes remotos crear cuentas de usuario aprovechandose de un token en un mensaje de correo electrónico. • http://archives.neohapsis.com/archives/bugtraq/2011-12/0184.html http://www.bugzilla.org/security/3.4.12 https://bugzilla.mozilla.org/show_bug.cgi?id=711714 https://exchange.xforce.ibmcloud.com/vulnerabilities/72042 • CWE-287: Improper Authentication •
CVE-2011-3657 – Bugzilla Chart Generator Cross Site Scripting
https://notcve.org/view.php?id=CVE-2011-3657
Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.x and 3.x before 3.4.13, 3.5.x and 3.6.x before 3.6.7, 3.7.x and 4.0.x before 4.0.3, and 4.1.x through 4.1.3, when debug mode is used, allow remote attackers to inject arbitrary web script or HTML via vectors involving a (1) tabular report, (2) graphical report, or (3) new chart. Multiples vulnerabilidades de ejecución de comandos en sitios cruzados (XSS) en Bugzilla v2.x y v3.x antes de 3.4.13; en v3.5.x y v3.6.x antes de v3.6.7, en v3.7.x y v4.0.x antes de v4.0.3, y en v4.1.x amtes de la v4.1.3, cuando se utiliza el modo de depuración, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores relacionados con (1) un informe con tablas, (2) un informe gráfico, o (3) nuevo gráfico. RedTeam Pentesting discovered a cross site scripting vulnerability in Bugzilla's chart generator during a penetration test. If attackers can persuade users to click on a prepared link or redirected them to such a link from an attacker-controlled website, they are able to run arbitrary JavaScript code in the context of the Bugzilla installation's domain. Versions affected include 2.17.1 to 3.4.12, 3.5.1 to 3.6.6, 3.7.1 to 4.0.2 and 4.1.1 to 4.1.3. • http://archives.neohapsis.com/archives/bugtraq/2011-12/0184.html http://www.bugzilla.org/security/3.4.12 https://bugzilla.mozilla.org/show_bug.cgi?id=697699 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2011-2380
https://notcve.org/view.php?id=CVE-2011-2380
Bugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to determine the existence of private group names via a crafted parameter during (1) bug creation or (2) bug editing. Bugzilla 2.23.3 hasta la versión 2.22.7, 3.0.x hasta la versión 3.3.x, 3.4.x anteriores a 3.4.12, 3.5.x, 3.6.x anteriores a 3.6.6, 3.7.x, 4.0.x anteriores a 4.0.2 y 4.1.x anteriores a 4.1.3 permite a atacantes remotos determinar la existencia de nombres de grupos privados a través de un parámetro modificado en la (1) creacción o (2) edición de un bug. • http://secunia.com/advisories/45501 http://www.bugzilla.org/security/3.4.11 http://www.debian.org/security/2011/dsa-2322 http://www.osvdb.org/74298 http://www.osvdb.org/74299 http://www.securityfocus.com/bid/49042 https://bugzilla.mozilla.org/show_bug.cgi?id=653477 https://exchange.xforce.ibmcloud.com/vulnerabilities/69034 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2011-2978
https://notcve.org/view.php?id=CVE-2011-2978
Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 does not prevent changes to the confirmation e-mail address (aka old_email field) for e-mail change notifications, which makes it easier for remote attackers to perform arbitrary address changes by leveraging an unattended workstation. Bugzilla 2.16rc1 hasta la versión 2.22.7, 3.0.x hasta la 3.3.x, 3.4.x anterior a 3.4.12, 3.5.x, 3.6.x anteriores a 3.6.6, 3.7.x, 4.0.x anteriores a 4.0.2 y 4.1.x anteriores a 4.1.3 no tiene en cuenta los cambios a la dirección de e-mail de confirmación (campo old_email) para notificaciones de cambio de e-mail, lo que facilita a atacantes remotos realizar cambios de dirección arbitrarios utilizando un ordenador desatendido. • http://secunia.com/advisories/45501 http://www.bugzilla.org/security/3.4.11 http://www.debian.org/security/2011/dsa-2322 http://www.osvdb.org/74301 http://www.securityfocus.com/bid/49042 https://bugzilla.mozilla.org/show_bug.cgi?id=670868 https://exchange.xforce.ibmcloud.com/vulnerabilities/69036 • CWE-20: Improper Input Validation •