Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:mozilla:bugzilla:2.14.2:*:*:*:*:*:*:*
There are 63 matching records.
Displaying matches 61 through 63.
Vuln ID Summary CVSS Severity
CVE-2002-1196

editproducts.cgi in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, when the "usebuggroups" feature is enabled and more than 47 groups are specified, does not properly calculate bit values for large numbers, which grants extra permissions to users via known features of Perl math that set multiple bits.

Published: October 28, 2002; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2002-1197

bugzilla_email_append.pl in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, allows remote attackers to execute arbitrary code via shell metacharacters in a system call to processmail.

Published: October 28, 2002; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2002-1198

Bugzilla 2.16.x before 2.16.1 does not properly filter apostrophes from an email address during account creation, which allows remote attackers to execute arbitrary SQL via a SQL injection attack.

Published: October 28, 2002; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH