Vulnerabilities > Mozilla > Bugzilla > 2.16.9
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-12-28 | CVE-2005-4534 | Unspecified vulnerability in Mozilla Bugzilla The shadow database feature (syncshadowdb) in Bugzilla 2.9 through 2.16.10 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | 7.5 |
2005-05-14 | CVE-2005-1563 | Information Disclosure vulnerability in Bugzilla Hidden Product Bugzilla 2.10 through 2.18, 2.19.1, and 2.19.2 displays a different error message depending on whether a product exists or not, which allows remote attackers to determine hidden products. | 5.0 |
2005-01-04 | CVE-2004-1061 | Cross-Site Scripting vulnerability in Bugzilla Internal Error Cross-site scripting (XSS) vulnerability in Bugzilla before 2.18, including 2.16.x before 2.16.11, allows remote attackers to inject arbitrary HTML and web script via forced error messages, as demonstrated using the action parameter. network mozilla | 4.3 |
2002-12-31 | CVE-2002-2260 | Cross-Site Scripting vulnerability in Mozilla Bugzilla Cross-site scripting (XSS) vulnerability in the quips feature in Mozilla Bugzilla 2.10 through 2.17 allows remote attackers to inject arbitrary web script or HTML via the "show all quips" page. | 4.3 |