Lucene search
Ubuntu.comUB:CVE-2009-3125HistorySep 15, 2009 - 12:00 a.m.
CVE-2009-3125
2009-09-1500:00:00
ubuntu.com
ubuntu.com
8
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.001
Percentile
51.1%
SQL injection vulnerability in the Bug.search WebService function in
Bugzilla 3.3.2 through 3.4.1, and 3.5, allows remote attackers to execute
arbitrary SQL commands via unspecified parameters.
Notes
| Author | Note |
|---|---|
| jdstrand | only 3.3.2 through 3.4.1 are affected |
Related
cvelist
cvelist
CVE-2009-3125
2009-09-15 22:00:00
openvas
openvas
Fedora Core 11 FEDORA-2009-9554 (bugzilla)
2009-09-21 00:00:00
cve
cve
CVE-2009-3125
2009-09-15 22:30:00
prion
prion
Sql injection
2009-09-15 22:30:00
nvd
nvd
CVE-2009-3125
2009-09-15 22:30:00
nessus
nessus
Fedora 11 : bugzilla-3.2.5-1.fc11 (2009-9554)
2009-09-21 00:00:00
Fedora 10 : bugzilla-3.2.5-1.fc10 (2009-9550)
2009-09-21 00:00:00
seebug
seebug
Mozilla Bugzilla Bug.create()和Bug.search()函数SQL注入漏洞
2009-09-16 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: bugzilla-3.2.5-1.fc11
2009-09-19 00:06:52
[SECURITY] Fedora 10 Update: bugzilla-3.2.5-1.fc10
2009-09-19 00:11:57
[SECURITY] Fedora 11 Update: bugzilla-3.2.6-2.fc11
2010-02-09 05:10:39
freebsd
freebsd
bugzilla -- two SQL injections, sensitive data exposure
2009-09-11 00:00:00
gentoo
gentoo
Bugzilla: Multiple vulnerabilities
2010-06-04 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.001
Percentile
51.1%
Related for UB:CVE-2009-3125