Vulnerabilities > CVE-2002-0803 - Unspecified vulnerability in Mozilla Bugzilla 2.14/2.14.1/2.16

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
mozilla
nessus
NVD
Published: 2002-08-12
Updated: 2008-09-10

Summary

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows remote attackers to display restricted products and components via a direct HTTP request to queryhelp.cgi.

Vulnerable Configurations

Part Description Count
Application
Mozilla
4

Nessus

NASL familyCGI abuses
NASL idBUGZILLA_VULNS.NASL
descriptionAccording to its version number, the remote Bugzilla bug tracking system is vulnerable to various flaws, including SQL injection, cross-site scripting, and arbitrary command execution.
last seen2020-06-01
modified2020-06-02
plugin id11463
published2003-03-24
reporterThis script is Copyright (C) 2003-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/11463
titleBugzilla < 2.14.2 / 2.16rc2 / 2.17 Multiple Vulnerabilities (SQLi, XSS, ID, Cmd Exe)

Redhat

advisories
rhsa
idRHSA-2002:109

References