Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0483

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2009-0483
Last Modified 25 Mar 2009 01:50:25
Published 09 Feb 2009 12:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-0483

Summary

Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.22 before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete keywords and user preferences via a link or IMG tag to (1) editkeywords.cgi or (2) userprefs.cgi.

Vulnerable Systems

Application

  • Mozilla Bugzilla 2.10

  • Mozilla Bugzilla 2.12

  • Mozilla Bugzilla 2.14

  • Mozilla Bugzilla 2.14.1

  • Mozilla Bugzilla 2.14.2

  • Mozilla Bugzilla 2.14.3

  • Mozilla Bugzilla 2.14.4

  • Mozilla Bugzilla 2.14.5

  • Mozilla Bugzilla 2.16

  • Mozilla Bugzilla 2.16 Rc2

  • Mozilla Bugzilla 2.16.1

  • Mozilla Bugzilla 2.16.10

  • Mozilla Bugzilla 2.16.11

  • Mozilla Bugzilla 2.16.2

  • Mozilla Bugzilla 2.16.3

  • Mozilla Bugzilla 2.16.4

  • Mozilla Bugzilla 2.16.5

  • Mozilla Bugzilla 2.16.6

  • Mozilla Bugzilla 2.16.7

  • Mozilla Bugzilla 2.16.8

  • Mozilla Bugzilla 2.16.9

  • Mozilla Bugzilla 2.17

  • Mozilla Bugzilla 2.17.1

  • Mozilla Bugzilla 2.17.2

  • Mozilla Bugzilla 2.17.3

  • Mozilla Bugzilla 2.17.4

  • Mozilla Bugzilla 2.17.5

  • Mozilla Bugzilla 2.17.6

  • Mozilla Bugzilla 2.17.7

  • Mozilla Bugzilla 2.18

  • Mozilla Bugzilla 2.18.1

  • Mozilla Bugzilla 2.18.2

  • Mozilla Bugzilla 2.18.3

  • Mozilla Bugzilla 2.18.4

  • Mozilla Bugzilla 2.18.5

  • Mozilla Bugzilla 2.18.6

  • Mozilla Bugzilla 2.18.7

  • Mozilla Bugzilla 2.18.8

  • Mozilla Bugzilla 2.18.9

  • Mozilla Bugzilla 2.19

  • Mozilla Bugzilla 2.19.1

  • Mozilla Bugzilla 2.19.2

  • Mozilla Bugzilla 2.19.3

  • Mozilla Bugzilla 2.20

  • Mozilla Bugzilla 2.20.1

  • Mozilla Bugzilla 2.20.2

  • Mozilla Bugzilla 2.20.3

  • Mozilla Bugzilla 2.20.4

  • Mozilla Bugzilla 2.20.5

  • Mozilla Bugzilla 2.20.6

  • Mozilla Bugzilla 2.21

  • Mozilla Bugzilla 2.21.1

  • Mozilla Bugzilla 2.21.2

  • Mozilla Bugzilla 2.22

  • Mozilla Bugzilla 2.22.1

  • Mozilla Bugzilla 2.22.2

  • Mozilla Bugzilla 2.22.3

  • Mozilla Bugzilla 2.22.4

  • Mozilla Bugzilla 2.22.5

  • Mozilla Bugzilla 2.22.6

  • Mozilla Bugzilla 3.0.0

  • Mozilla Bugzilla 3.0.1

  • Mozilla Bugzilla 3.0.2

  • Mozilla Bugzilla 3.0.3

  • Mozilla Bugzilla 3.0.4

  • Mozilla Bugzilla 3.0.5

  • Mozilla Bugzilla 3.0.6

  • Mozilla Bugzilla 3.2

  • Mozilla Bugzilla 3.3.1


References

FEDORA - FEDORA-2009-2417

FEDORA - FEDORA-2009-2418

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=472362

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=466692

BID - 33580

CONFIRM - http://www.bugzilla.org/security/2.22.6/

SECUNIA - 34361


Last Updated: 27 May 2016 10:50:16