|
|
|
|
| |
Credit:
The information has been provided by Frederic Buclin,Max Kanat-Alexander,Byron Jones,Mario Gomes and James Kettle.
The original article can be found at: http://www.securityfocus.com/bid/51783/info
|
| |
Vulnerable Systems:
* Mozilla Bugzilla 4.0.3
* Mozilla Bugzilla 4.0.2
* Mozilla Bugzilla 3.6.7
* Mozilla Bugzilla 3.6.6
* Mozilla Bugzilla 3.6.4
* Mozilla Bugzilla 3.6.1
* Mozilla Bugzilla 3.4.13
* Mozilla Bugzilla 3.4.12
* Mozilla Bugzilla 3.4.10
* Mozilla Bugzilla 3.4.7
* Mozilla Bugzilla 3.4.6
* Mozilla Bugzilla 3.4.5
* Mozilla Bugzilla 3.4.4
* Mozilla Bugzilla 3.4.3
* Mozilla Bugzilla 3.4.2
* Mozilla Bugzilla 3.4.1
* Mozilla Bugzilla 3.6.3
* Mozilla Bugzilla 3.6.2
* Mozilla Bugzilla 3.6
* Mozilla Bugzilla 3.4.9
* Mozilla Bugzilla 3.4.8
* Mozilla Bugzilla 3.4 rc1
* Mozilla Bugzilla 3.4
Immune Systems:
* Mozilla Bugzilla 4.0.4
*Mozilla Bugzilla 3.6.8
*Mozilla Bugzilla 3.4.14
Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application. Other attacks are also possible.
Bugzilla versions prior to 3.4.14, 3.6.8 and 4.0.4 are vulnerable.
Vendor Status:
Bugzilla has issued an update to correct this vulnerability
Patch Availability:
http://www.bugzilla.org/security/3.4.13/
CVE Information:
CVE-2012-0440
|
|
|
|
|
