Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0484

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2009-0484
Last Modified 25 Mar 2009 01:50:25
Published 09 Feb 2009 12:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-0484

Summary

Cross-site request forgery (CSRF) vulnerability in Bugzilla 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete shared or saved searches via a link or IMG tag to buglist.cgi.

Vulnerable Systems

Application

  • Mozilla Bugzilla 3.0.0

  • Mozilla Bugzilla 3.0.1

  • Mozilla Bugzilla 3.0.2

  • Mozilla Bugzilla 3.0.3

  • Mozilla Bugzilla 3.0.4

  • Mozilla Bugzilla 3.0.5

  • Mozilla Bugzilla 3.0.6

  • Mozilla Bugzilla 3.2

  • Mozilla Bugzilla 3.3.1


References

FEDORA - FEDORA-2009-2417

FEDORA - FEDORA-2009-2418

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=466748

BID - 33580

CONFIRM - http://www.bugzilla.org/security/2.22.6/

SECUNIA - 34361


Last Updated: 27 May 2016 10:50:16