Lucene search
MitreCVELIST:CVE-2009-0486HistoryFeb 09, 2009 - 5:00 p.m.
CVE-2009-0486
2009-02-0917:00:00
mitre
www.cve.org
5
Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, calls the srand function at startup time, which causes Apache children to have the same seed and produce insufficiently random numbers for random tokens, which allows remote attackers to bypass cross-site request forgery (CSRF) protection mechanisms and conduct unauthorized activities as other users.
Related
cve
cve
CVE-2009-0486
2009-02-09 17:30:00
prion
prion
Cross site request forgery (csrf)
2009-02-09 17:30:00
ubuntucve
ubuntucve
CVE-2009-0486
2009-02-09 00:00:00
nvd
nvd
CVE-2009-0486
2009-02-09 17:30:00
openvas
openvas
Fedora Core 10 FEDORA-2009-2417 (bugzilla)
2009-03-20 00:00:00
Fedora Core 9 FEDORA-2009-2418 (bugzilla)
2009-03-20 00:00:00
Fedora Core 9 FEDORA-2009-2418 (bugzilla)
2009-03-20 00:00:00
nessus
nessus
Fedora 9 : bugzilla-3.2.2-2.fc9 (2009-2418)
2009-03-19 00:00:00
Fedora 10 : bugzilla-3.2.2-2.fc10 (2009-2417)
2009-04-23 00:00:00
GLSA-201006-19 : Bugzilla: Multiple vulnerabilities
2010-06-04 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: bugzilla-3.2.2-2.fc9
2009-03-18 18:59:22
[SECURITY] Fedora 10 Update: bugzilla-3.2.2-2.fc10
2009-03-18 19:06:58
gentoo
gentoo
Bugzilla: Multiple vulnerabilities
2010-06-04 00:00:00