Vulnerability Report: Bugzilla 3.x

This vulnerability report for Bugzilla 3.x contains a complete overview of all Secunia advisories affecting it. You can use this vulnerability report to ensure that you are aware of all vulnerabilities, both patched and unpatched, affecting this product allowing you to take the necessary precautions.

If you have information about a new or an existing vulnerability in Bugzilla 3.x then you are more than welcome to contact us.


Table of Contents

1. Product Summary Only

2. Secunia Advisory Statistics (All time)
2.1. Statistics for 2015
2.2. Statistics for 2014
2.3. Statistics for 2013
2.4. Statistics for 2012
2.5. Statistics for 2011
2.6. Statistics for 2010
2.7. Statistics for 2009
2.8. Statistics for 2008
2.9. Statistics for 2007
2.10. Statistics for 2006
2.11. Statistics for 2005
2.12. Statistics for 2004
2.13. Statistics for 2003

3. List of Secunia Advisories (All time)
3.1. List for 2015
3.2. List for 2014
3.3. List for 2013
3.4. List for 2012
3.5. List for 2011
3.6. List for 2010
3.7. List for 2009
3.8. List for 2008
3.9. List for 2007
3.10. List for 2006
3.11. List for 2005
3.12. List for 2004
3.13. List for 2003

4. Send Feedback
 
Vendor, Links, and Unpatched Vulnerabilities

Vendor Mozilla Foundation

Product Link View Here (Link to external site)

Affected By 26 Secunia advisories
62 Vulnerabilities

Monitor Product Receive alerts for this product

Unpatched 8% (2 of 26 Secunia advisories)

Most Critical Unpatched
The most severe unpatched Secunia advisory affecting Bugzilla 3.x, with all vendor patches applied, is rated Less critical .




26 Secunia Advisories in 2003-2015

Secunia has issued a total of 26 Secunia advisories in 2003-2015 for Bugzilla 3.x. Currently, 8% (2 out of 26) are marked as unpatched with the most severe being rated Less critical

More information about the specific Secunia advisories affecting Bugzilla 3.x can be found below. Each Secunia advisory is enclosed by a box highlighted with a color representing its current patch status. You can read the complete Secunia advisories for thorough descriptions of the issues covered and for solution suggestions by clicking either the Secunia advisory title or the "Read More" links available for each Secunia advisory.



patched Bugzilla Information Disclosure Weakness and Cross-Site Scripting Vulnerability
Vendor Patch. Secunia Advisory 1 of 1 in 2013. 1,037 views.
Release Date:
2013-02-20
Secunia Advisory ID:
SA52254
Solution Status:
Vendor Patch
Criticality:
Less critical
Impact:
Cross Site Scripting
Exposure of sensitive information
Where:
From remote
Short Description:
A weakness and a vulnerability has been reported in Bugzilla, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to conduct cross-site scripting attacks. [Read More]


patched Bugzilla Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 1 of 5 in 2012. 1,492 views.
Release Date:
2012-11-14
Secunia Advisory ID:
SA51265
Solution Status:
Vendor Patch
Criticality:
Moderately critical
Impact:
Cross Site Scripting
Exposure of sensitive information
Where:
From remote
Short Description:
A security issue and multiple vulnerabilities have been reported in Bugzilla, which can be exploited by malicious people to disclose potentially sensitive information and conduct cross-site scripting and script insertion attacks. [Read More]


patched Bugzilla LDAP Injection and Template Disclosure Vulnerabilities
Vendor Patch. Secunia Advisory 2 of 5 in 2012. 2,037 views.
Release Date:
2012-08-31
Secunia Advisory ID:
SA50433
Solution Status:
Vendor Patch
Criticality:
Moderately critical
Impact:
Manipulation of data
Exposure of sensitive information
Where:
From remote
Short Description:
A vulnerability and a security issue have been reported in Bugzilla, which can be exploited by malicious people to disclose potentially sensitive information and manipulate certain data. [Read More]


patched Bugzilla Two Information Disclosure Security Issues
Vendor Patch. Secunia Advisory 3 of 5 in 2012. 3,628 views.
Release Date:
2012-07-27
Secunia Advisory ID:
SA50040
Solution Status:
Vendor Patch
Criticality:
Not critical
Impact:
Exposure of sensitive information
Where:
From remote
Short Description:
Two security issues have been reported in Bugzilla, which can be exploited by malicious people to disclose potentially sensitive information. [Read More]


patched Bugzilla Cross-Site Request Forgery Vulnerability
Vendor Patch. Secunia Advisory 4 of 5 in 2012. 1,276 views.
Release Date:
2012-04-19
Secunia Advisory ID:
SA48835
Solution Status:
Vendor Patch
Criticality:
Less critical
Impact:
Cross Site Scripting
Where:
From remote
Short Description:
A vulnerability has been reported in Bugzilla, which can be exploited by malicious people to conduct cross-site request forgery attacks. [Read More]


patched Bugzilla Spoofing and Cross-Site Request Forgery Vulnerabilities
Vendor Patch. Secunia Advisory 5 of 5 in 2012. 1,880 views.
Release Date:
2012-02-01
Secunia Advisory ID:
SA47814
Solution Status:
Vendor Patch
Criticality:
Less critical
Impact:
Cross Site Scripting
Spoofing
Where:
From remote
Short Description:
Two vulnerabilities have been reported in Bugzilla, which can be exploited by malicious users to conduct spoofing attacks and by malicious people to conduct cross-site request forgery attacks. [Read More]


unpatched Bugzilla Cross-Site Request Forgery Vulnerability
Unpatched. Secunia Advisory 1 of 4 in 2011. 1,810 views.
Release Date:
2011-12-30
Secunia Advisory ID:
SA47368
Solution Status:
Unpatched
Criticality:
Less critical
Impact:
Cross Site Scripting
Where:
From remote
Short Description:
A vulnerability has been reported in Bugzilla, which can be exploited by malicious people to conduct cross-site request forgery attacks. [Read More]


patched Bugzilla Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 2 of 4 in 2011. 2,173 views.
Release Date:
2011-12-30
Secunia Advisory ID:
SA47365
Solution Status:
Vendor Patch
Criticality:
Less critical
Impact:
Security Bypass
Cross Site Scripting
Where:
From remote
Short Description:
A weakness and two vulnerabilities have been reported in Bugzilla, which can be exploited by malicious users to bypass certain security restrictions and conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. [Read More]


patched Bugzilla Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 3 of 4 in 2011. 3,331 views.
Release Date:
2011-08-05
Secunia Advisory ID:
SA45501
Solution Status:
Vendor Patch
Criticality:
Less critical
Impact:
Cross Site Scripting
Spoofing
Exposure of sensitive information
Where:
From remote
Short Description:
Multiple vulnerabilities have been reported in Bugzilla, which can be exploited by malicious, local users to gain access to potentially sensitive information and by malicious users to disclose potentially sensitive information, conduct script insertion and spoofing attacks. [Read More]


patched Bugzilla Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 4 of 4 in 2011. 5,875 views.
Release Date:
2011-01-25
Secunia Advisory ID:
SA43033
Solution Status:
Vendor Patch
Criticality:
Moderately critical
Impact:
Security Bypass
Cross Site Scripting
Brute force
Where:
From remote
Short Description:
Some vulnerabilities have been reported in Bugzilla, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct HTTP response splitting attacks, cross-site request forgery attacks, and bypass certain security restrictions. [Read More]


patched Bugzilla Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 1 of 5 in 2010. 2,722 views.
Release Date:
2010-11-03
Secunia Advisory ID:
SA42071
Solution Status:
Vendor Patch
Criticality:
Less critical
Impact:
Security Bypass
Cross Site Scripting
Where:
From remote
Short Description:
Some vulnerabilities have been reported in Bugzilla, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct HTTP response splitting and cross-site scripting attacks [Read More]


patched Bugzilla Multiple Weaknesses and Vulnerability
Vendor Patch. Secunia Advisory 2 of 5 in 2010. 3,503 views.
Release Date:
2010-08-06
Secunia Advisory ID:
SA40892
Solution Status:
Vendor Patch
Criticality:
Less critical
Impact:
Security Bypass
Exposure of sensitive information
DoS
Where:
From remote
Short Description:
Multiple weaknesses and a vulnerability have been reported in Bugzilla, which can be exploited by malicious users to bypass certain security restrictions and cause a DoS (Denial of Service) and by malicious people to disclose potentially sensitive information [Read More]


unpatched Bugzilla "data/webdot" and ".bzr" Information Disclosure
Unpatched. Secunia Advisory 3 of 5 in 2010. 2,021 views.
Release Date:
2010-07-02
Secunia Advisory ID:
SA40455
Solution Status:
Unpatched
Criticality:
Not critical
Impact:
Exposure of sensitive information
Where:
Local system
Short Description:
A security issue has been reported in Bugzilla, which can be exploited by malicious, local users to disclose potentially sensitive information. [Read More]


patched Bugzilla "Time-Tracking" and "localconfig" Information Disclosure
Vendor Patch. Secunia Advisory 4 of 5 in 2010. 3,834 views.
Release Date:
2010-06-25
Secunia Advisory ID:
SA40300
Solution Status:
Vendor Patch
Criticality:
Less critical
Impact:
Security Bypass
Exposure of sensitive information
Where:
From remote
Short Description:
Two vulnerabilities have been reported in Bugzilla, which can be exploited by malicious, local users and malicious people to disclose sensitive information. [Read More]


patched Bugzilla Information Disclosure Weaknesses
Vendor Patch. Secunia Advisory 5 of 5 in 2010. 3,194 views.
Release Date:
2010-02-01
Secunia Advisory ID:
SA38443
Solution Status:
Vendor Patch
Criticality:
Less critical
Impact:
Exposure of sensitive information
Where:
From remote
Short Description:
Some weaknesses have been reported in Bugzilla, which can lead to the disclosure of sensitive information. [Read More]


patched Bugzilla Alias Information Leak Weakness
Vendor Patch. Secunia Advisory 1 of 6 in 2009. 3,277 views.
Release Date:
2009-11-19
Secunia Advisory ID:
SA37423
Solution Status:
Vendor Patch
Criticality:
Not critical
Impact:
Exposure of sensitive information
Where:
From remote
Short Description:
A weakness has been reported in Bugzilla, which can result in the disclosure of potentially sensitive information. [Read More]


patched Bugzilla Information Disclosure Weakness and SQL Injection Vulnerabilities
Vendor Patch. Secunia Advisory 2 of 6 in 2009. 4,389 views.
Release Date:
2009-09-14
Secunia Advisory ID:
SA36718
Solution Status:
Vendor Patch
Criticality:
Moderately critical
Impact:
Manipulation of data
Exposure of sensitive information
Where:
From remote
Short Description:
A weakness and two vulnerabilities have been reported in Bugzilla, which can be exploited by malicious people to disclose potentially sensitive information and by malicious users and malicious people to conduct SQL injection attacks. [Read More]


patched Bugzilla Product Names Disclosure Security Issue
Vendor Patch. Secunia Advisory 3 of 6 in 2009. 2,069 views.
Release Date:
2009-08-03
Secunia Advisory ID:
SA36071
Solution Status:
Vendor Patch
Criticality:
Less critical
Impact:
Exposure of sensitive information
Where:
From remote
Short Description:
A security issue has been reported in Bugzilla, which can be exploited by malicious users to disclose sensitive information. [Read More]


patched Bugzilla "canconfirm" Security Bypass Vulnerability
Vendor Patch. Secunia Advisory 4 of 6 in 2009. 2,982 views.
Release Date:
2009-07-09
Secunia Advisory ID:
SA35739
Solution Status:
Vendor Patch
Criticality:
Not critical
Impact:
Security Bypass
Where:
From remote
Short Description:
A vulnerability has been reported in Bugzilla, which can be exploited by malicious users to bypass certain security restrictions. [Read More]


patched Bugzilla "attachment.cgi" Cross-Site Request Forgery Vulnerability
Vendor Patch. Secunia Advisory 5 of 6 in 2009. 3,768 views.
Release Date:
2009-03-31
Secunia Advisory ID:
SA34545
Solution Status:
Vendor Patch
Criticality:
Moderately critical
Impact:
Cross Site Scripting
Where:
From remote
Short Description:
A vulnerability has been reported in Bugzilla, which can be exploited by malicious people to conduct cross-site request forgery attacks. [Read More]


patched Bugzilla Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 6 of 6 in 2009. 5,712 views.
Release Date:
2009-02-03
Secunia Advisory ID:
SA33781
Solution Status:
Vendor Patch
Criticality:
Moderately critical
Impact:
Cross Site Scripting
Exposure of sensitive information
Where:
From remote
Short Description:
Some vulnerabilities and a security issue have been reported in Bugzilla, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to potentially disclose sensitive information or to conduct cross-site request forgery attacks. [Read More]


patched Bugzilla Quips Approval Security Bypass Security Issue
Vendor Patch. Secunia Advisory 1 of 3 in 2008. 4,434 views.
Release Date:
2008-11-07
Secunia Advisory ID:
SA32501
Solution Status:
Vendor Patch
Criticality:
Less critical
Impact:
Security Bypass
Where:
From remote
Short Description:
A security issue has been reported in Bugzilla, which can be exploited by malicious users to bypass certain security restrictions. [Read More]


patched Bugzilla importxml.pl Directory Traversal Vulnerability
Vendor Patch. Secunia Advisory 2 of 3 in 2008. 5,323 views.
Release Date:
2008-08-12
Secunia Advisory ID:
SA31444
Solution Status:
Vendor Patch
Criticality:
Less critical
Impact:
Exposure of system information
Exposure of sensitive information
Where:
From remote
Short Description:
A vulnerability has been reported in Bugzilla, which can be exploited by malicious users to disclose sensitive information. [Read More]


patched Bugzilla Security Bypass and Cross-Site Scripting Vulnerabilities
Vendor Patch. Secunia Advisory 3 of 3 in 2008. 8,373 views.
Release Date:
2008-05-05
Secunia Advisory ID:
SA30064
Solution Status:
Vendor Patch
Criticality:
Less critical
Impact:
Security Bypass
Cross Site Scripting
Where:
From remote
Short Description:
Some vulnerabilities have been reported in Bugzilla, which can be exploited by malicious users to bypass certain security restrictions or by malicious people to conduct cross-site scripting attacks. [Read More]


patched Bugzilla "createemailregexp" Security Bypass Vulnerability
Vendor Patch. Secunia Advisory 1 of 2 in 2007. 11,823 views.
Release Date:
2007-09-19
Secunia Advisory ID:
SA26848
Solution Status:
Vendor Patch
Criticality:
Less critical
Impact:
Security Bypass
Where:
From remote
Short Description:
A vulnerability has been reported in Bugzilla, which can be exploited by malicious people to bypass certain security restrictions. [Read More]


patched Bugzilla Security Issue and Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 2 of 2 in 2007. 13,219 views.
Release Date:
2007-08-24
Secunia Advisory ID:
SA26584
Solution Status:
Vendor Patch
Criticality:
Less critical
Impact:
Cross Site Scripting
Exposure of sensitive information
System access
Where:
From remote
Short Description:
Some vulnerabilities and a security issue have been reported in Bugzilla, which can be exploited by malicious users to inject shell commands, and by malicious people to conduct cross-site scripting attacks and to disclose potentially sensitive information. [Read More]





Discuss this Product
A new thread in our forum is automatically created for each Product. Activate the thread by commenting/discussing below.
Subject: Bugzilla 3.x 
No posts yet

-

You must be logged in to post a comment.