Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2103

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-2103
Last Modified 07 Mar 2011 10:08:42
Published 07 May 2008 04:20:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2103

Summary

Cross-site scripting (XSS) vulnerability in Bugzilla 2.17.2 and later allows remote attackers to inject arbitrary web script or HTML via the id parameter to the "Format for Printing" view or "Long Format" bug list.

Vulnerable Systems

Application

  • Mozilla Bugzilla 2.17.2

  • Mozilla Bugzilla 2.17.3

  • Mozilla Bugzilla 2.17.4

  • Mozilla Bugzilla 2.17.5

  • Mozilla Bugzilla 2.17.6

  • Mozilla Bugzilla 2.17.7

  • Mozilla Bugzilla 2.18

  • Mozilla Bugzilla 2.18.1

  • Mozilla Bugzilla 2.18.2

  • Mozilla Bugzilla 2.18.3

  • Mozilla Bugzilla 2.18.4

  • Mozilla Bugzilla 2.18.5

  • Mozilla Bugzilla 2.18.6

  • Mozilla Bugzilla 2.19.1

  • Mozilla Bugzilla 2.19.2

  • Mozilla Bugzilla 2.19.3

  • Mozilla Bugzilla 2.20

  • Mozilla Bugzilla 2.20.1

  • Mozilla Bugzilla 2.20.2

  • Mozilla Bugzilla 2.20.3

  • Mozilla Bugzilla 2.20.4

  • Mozilla Bugzilla 2.20.5

  • Mozilla Bugzilla 2.20.6

  • Mozilla Bugzilla 2.21.1

  • Mozilla Bugzilla 2.21.2

  • Mozilla Bugzilla 2.22

  • Mozilla Bugzilla 2.22.1

  • Mozilla Bugzilla 2.22.2

  • Mozilla Bugzilla 2.22.3

  • Mozilla Bugzilla 2.22.4

  • Mozilla Bugzilla 2.23

  • Mozilla Bugzilla 2.23.1

  • Mozilla Bugzilla 2.23.2

  • Mozilla Bugzilla 2.23.3

  • Mozilla Bugzilla 2.23.4

  • Mozilla Bugzilla 3.0 Rc1

  • Mozilla Bugzilla 3.0.1

  • Mozilla Bugzilla 3.0.2

  • Mozilla Bugzilla 3.0.3

  • Mozilla Bugzilla 3.0.4

  • Mozilla Bugzilla 3.1.1

  • Mozilla Bugzilla 3.1.2

  • Mozilla Bugzilla 3.1.3

  • Mozilla Bugzilla 3.1.4


References

FEDORA - FEDORA-2008-3488

FEDORA - FEDORA-2008-3442

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=425665

XF - bugzilla-bugview-xss(42216)

VUPEN - ADV-2008-1428

SECTRACK - 1019967

BID - 29038

CONFIRM - http://www.bugzilla.org/security/2.20.5/

SECUNIA - 30167

SECUNIA - 30064


Last Updated: 27 May 2016 10:47:46