Lucene search
MitreCVELIST:CVE-2008-4437HistoryOct 03, 2008 - 10:00 p.m.
CVE-2008-4437
2008-10-0322:00:00
mitre
www.cve.org
6
Directory traversal vulnerability in importxml.pl in Bugzilla before 2.22.5, and 3.x before 3.0.5, when --attach_path is enabled, allows remote attackers to read arbitrary files via an XML file with a … (dot dot) in the data element.
References
secunia.com/advisories/31444
secunia.com/advisories/34361
www.bugzilla.org/security/2.22.4/
www.securityfocus.com/bid/30661
www.securitytracker.com/id?1020668
www.vupen.com/english/advisories/2008/2344
bugzilla.mozilla.org/show_bug.cgi?id=437169
exchange.xforce.ibmcloud.com/vulnerabilities/44407
www.redhat.com/archives/fedora-package-announce/2009-March/msg00664.html
www.redhat.com/archives/fedora-package-announce/2009-March/msg00687.html
Related
freebsd
freebsd
Bugzilla -- Directory Traversal in importxml.pl
2008-06-03 00:00:00
nessus
nessus
FreeBSD : Bugzilla -- Directory Traversal in importxml.pl (1d96305d-6ae6-11dd-91d5-000c29d47fd7)
2008-08-17 00:00:00
Fedora 9 : bugzilla-3.2.2-2.fc9 (2009-2418)
2009-03-19 00:00:00
Fedora 10 : bugzilla-3.2.2-2.fc10 (2009-2417)
2009-04-23 00:00:00
prion
prion
Directory traversal
2008-10-03 22:22:00
ubuntucve
ubuntucve
CVE-2008-4437
2008-10-03 00:00:00
openvas
openvas
FreeBSD Ports: bugzilla, ja-bugzilla
2008-09-04 00:00:00
FreeBSD Ports: bugzilla, ja-bugzilla
2008-09-04 00:00:00
Fedora Core 9 FEDORA-2009-2418 (bugzilla)
2009-03-20 00:00:00
exploitdb
exploitdb
Bugzilla 3.1.4 - '--attach_path' Directory Traversal
2008-08-12 00:00:00
cve
cve
CVE-2008-4437
2008-10-03 22:22:45
nvd
nvd
CVE-2008-4437
2008-10-03 22:22:45
fedora
fedora
[SECURITY] Fedora 9 Update: bugzilla-3.2.2-2.fc9
2009-03-18 18:59:22
[SECURITY] Fedora 10 Update: bugzilla-3.2.2-2.fc10
2009-03-18 19:06:58
gentoo
gentoo
Bugzilla: Multiple vulnerabilities
2010-06-04 00:00:00