Security News -  Security Reviews -   Exploits -  Tools -  UNIX Focus -  Windows Focus
SecuriTeam™  Beyond Security®  SecuriTeam™ Home  Ask the Team  Mailing Lists  Advertising Info  Blogs SecuriTeam™ in Your Inbox   E-mail this CVE-2012-0448 to a friend New vulnerability? New tool? Tell us	CVE-2012-0448 Bugzilla UTF-8 User Impersonation Vulnerability     Credit: The information has been provided by Frederic Buclin,Max Kanat-Alexander,Byron Jones,Mario Gomes and James Kettle. The original article can be found at: http://www.securityfocus.com/bid/51784/info Website Security Scan Code Vulnerability Test Network Assessment Tool Detect hidden vulnerabilities Exhaustive automated testing Real-time, continuous security Get guidance from professionals of internal or 3rd party code. scanning for your entire network    CVE-2012-0448 Details Check for CVE-2012-0448 Vulnerability Assessment and Management. Automated Pen Testing for 50 to 50,000 nodes beyondsecurity.com/vulnerability-scanner Vulnerable Systems:  * Red Hat Fedora 16  * Red Hat Fedora 15  * Mozilla Bugzilla 4.0.3  * Mozilla Bugzilla 4.0.2  * Mozilla Bugzilla 3.6.7  * Mozilla Bugzilla 3.6.6  * Mozilla Bugzilla 3.6.4  * Mozilla Bugzilla 3.6.1  * Mozilla Bugzilla 3.4.13  * Mozilla Bugzilla 3.4.12  * Mozilla Bugzilla 3.4.10  * Mozilla Bugzilla 3.4.7  * Mozilla Bugzilla 3.4.6  * Mozilla Bugzilla 3.4.5  * Mozilla Bugzilla 3.4.4  * Mozilla Bugzilla 3.4.3  * Mozilla Bugzilla 3.4.2  * Mozilla Bugzilla 3.4.1  * Mozilla Bugzilla 3.6.3  * Mozilla Bugzilla 3.6.2  * Mozilla Bugzilla 3.6  * Mozilla Bugzilla 3.4.9  * Mozilla Bugzilla 3.4.8  * Mozilla Bugzilla 3.4 rc1  * Mozilla Bugzilla 3.4 Immune Systems:  * Mozilla Bugzilla 4.0.4  *Mozilla Bugzilla 3.6.8  *Mozilla Bugzilla 3.4.14 An attacker can exploit this issue to impersonate arbitrary users and perform unauthorized actions. Bugzilla versions prior to 3.4.14, 3.6.8, and 4.0.4 are affected. Vendor Status: Bugzilla has issued an update to correct this vulnerability Patch Availability: http://www.bugzilla.org/security/3.4.13/ CVE Information: CVE-2012-0448  Comments on CVE-2012-0448:  Add new comment:  Subject:  Name/Nick/Email:          Chars Left:	All Sections Security News Unix focus Exploits Tools Windows focus Security Reviews
	Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

Copyright © 1998-2010 Beyond Security® All rights reserved.
Terms of Use Site Privacy Statement.
SecuriTeam™ is a trademark of Beyond Security®