Description
Bugzilla before 2.14.1 allows remote attackers to inject arbitrary SQL code and create files or gain privileges via (1) the sql parameter in buglist.cgi, (2) invalid field names from the "boolean chart" query in buglist.cgi, (3) the mybugslink parameter in userprefs.cgi, (4) a malformed bug ID in the buglist parameter in long_list.cgi, and (5) the value parameter in editusers.cgi, which allows groupset privileges to be modified by attackers with blessgroupset privileges.
Products
- Mozilla Bugzilla
- Mozilla Bugzilla 2.0
- Mozilla Bugzilla 2.10
- Mozilla Bugzilla 2.12
- Mozilla Bugzilla 2.14.1
- Mozilla Bugzilla 2.14
- Mozilla Bugzilla 2.2
- Mozilla Bugzilla 2.4
- Mozilla Bugzilla 2.6
- Mozilla Bugzilla 2.8
- Mozilla Bugzilla 2.9
Questions to Ask Vendors
- Can you confirm whether your systems are affected by CVE-2002-0010, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2002-0010 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions
- Check out the advisory links provided below.
References