CVE-2006-5455 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-5455
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-5455

Description: Cross-site request forgery (CSRF) vulnerability in editversions.cgi in Bugzilla before 2.22.1 and 2.23.x before 2.23.3 allows user-assisted remote attackers to create, modify, or delete arbitrary bug reports via a crafted URL.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/29618 SREASON http://securityreason.com/securityalert/1760 SAID Secunia Advisory: SA22790 Secunia Advisory: SA22409 OSVDB 29548 GENTOO http://security.gentoo.org/glsa/glsa-200611-04.xml CONFIRM http://www.bugzilla.org/security/2.18.5/ BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/448777/100/100/threaded BID 20538

Return to the previous page.