Vulnerabilities > Mozilla > Bugzilla > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-07-08 | CVE-2005-2174 | Unspecified vulnerability in Mozilla Bugzilla Bugzilla 2.17.x, 2.18 before 2.18.2, 2.19.x, and 2.20 before 2.20rc1 inserts a bug into the database before it is marked private, which introduces a race condition and allows attackers to access information about the bug via buglist.cgi before MySQL replication is complete. | 2.6 |
| 2004-07-27 | CVE-2004-0706 | Unspecified vulnerability in Mozilla Bugzilla Bugzilla 2.17.5 through 2.17.7 embeds the password in an image URL, which could allow local users to view the password in the web server log files. | 2.1 |
| 2003-08-27 | CVE-2003-0603 | Unspecified vulnerability in Mozilla Bugzilla Bugzilla 2.16.x before 2.16.3, 2.17.x before 2.17.4, and earlier versions allows local users to overwrite arbitrary files via a symlink attack on temporary files that are created in directories with group-writable or world-writable permissions. | 2.1 |
| 2003-01-17 | CVE-2003-0012 | Unspecified vulnerability in Mozilla Bugzilla The data collection script for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 sets world-writable permissions for the data/mining directory when it runs, which allows local users to modify or delete the data. | 2.1 |
| 2002-08-12 | CVE-2002-0806 | Unspecified vulnerability in Mozilla Bugzilla 2.14/2.14.1/2.16 Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows authenticated users with editing privileges to delete other users by directly calling the editusers.cgi script with the "del" option. | 2.1 |
| 2001-09-10 | CVE-2001-1405 | Denial-Of-Service vulnerability in Bugzilla Bugzilla before 2.14 does not restrict access to sanitycheck.cgi, which allows local users to cause a denial of service (CPU consumption) via a flood of requests to sanitycheck.cgi. | 2.1 |
| 2001-09-10 | CVE-2001-1406 | Local Security vulnerability in Bugzilla process_bug.cgi in Bugzilla before 2.14 does not set the "groupset" bit when a bug is moved between product groups, which will cause the bug to have the old group's restrictions, which might not be as stringent. | 2.1 |