Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0915

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-0915
Last Modified 07 Mar 2011 09:31:04
Published 28 Feb 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0915

Summary

Bugzilla 2.16.10 does not properly handle certain characters in the (1) maxpatchsize and (2) maxattachmentsize parameters in attachment.cgi, which allows remote attackers to trigger a SQL error.

Vulnerable Systems

Application

  • Mozilla Bugzilla 2.16.10


References

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=313441

VUPEN - ADV-2006-0692


Last Updated: 27 May 2016 10:41:50