Vulnerability-Lookup

CVE-2011-0046 (GCVE-0-2011-0046)

Vulnerability from cvelistv5 – Published: 2011-01-28 15:00 – Updated: 2024-08-06 21:43

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 allow remote attackers to hijack the authentication of arbitrary users for requests related to (1) adding a saved search in buglist.cgi, (2) voting in votes.cgi, (3) sanity checking in sanitycheck.cgi, (4) creating or editing a chart in chart.cgi, (5) column changing in colchange.cgi, and (6) adding, deleting, or approving a quip in quips.cgi.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

GSD-2011-0046

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2011-0046

Aliases

CVE-2011-0046

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2011-0046",
    "description": "Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 allow remote attackers to hijack the authentication of arbitrary users for requests related to (1) adding a saved search in buglist.cgi, (2) voting in votes.cgi, (3) sanity checking in sanitycheck.cgi, (4) creating or editing a chart in chart.cgi, (5) column changing in colchange.cgi, and (6) adding, deleting, or approving a quip in quips.cgi.",
    "id": "GSD-2011-0046",
    "references": [
      "https://www.suse.com/security/cve/CVE-2011-0046.html",
      "https://www.debian.org/security/2011/dsa-2322"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2011-0046"
      ],
      "details": "Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 allow remote attackers to hijack the authentication of arbitrary users for requests related to (1) adding a saved search in buglist.cgi, (2) voting in votes.cgi, (3) sanity checking in sanitycheck.cgi, (4) creating or editing a chart in chart.cgi, (5) column changing in colchange.cgi, and (6) adding, deleting, or approving a quip in quips.cgi.",
      "id": "GSD-2011-0046",
      "modified": "2023-12-13T01:19:04.756154Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2011-0046",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 allow remote attackers to hijack the authentication of arbitrary users for requests related to (1) adding a saved search in buglist.cgi, (2) voting in votes.cgi, (3) sanity checking in sanitycheck.cgi, (4) creating or editing a chart in chart.cgi, (5) column changing in colchange.cgi, and (6) adding, deleting, or approving a quip in quips.cgi."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=621105",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621105"
          },
          {
            "name": "70710",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/70710"
          },
          {
            "name": "45982",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/45982"
          },
          {
            "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=621090",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621090"
          },
          {
            "name": "43165",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/43165"
          },
          {
            "name": "70709",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/70709"
          },
          {
            "name": "http://www.bugzilla.org/security/3.2.9/",
            "refsource": "CONFIRM",
            "url": "http://www.bugzilla.org/security/3.2.9/"
          },
          {
            "name": "FEDORA-2011-0741",
            "refsource": "FEDORA",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053665.html"
          },
          {
            "name": "70708",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/70708"
          },
          {
            "name": "ADV-2011-0271",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0271"
          },
          {
            "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=621109",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621109"
          },
          {
            "name": "43033",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/43033"
          },
          {
            "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=621107",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621107"
          },
          {
            "name": "bugzilla-unspec-csrf(65003)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65003"
          },
          {
            "name": "ADV-2011-0207",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0207"
          },
          {
            "name": "FEDORA-2011-0755",
            "refsource": "FEDORA",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053678.html"
          },
          {
            "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=621110",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621110"
          },
          {
            "name": "70707",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/70707"
          },
          {
            "name": "DSA-2322",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2011/dsa-2322"
          },
          {
            "name": "70706",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/70706"
          },
          {
            "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=621108",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621108"
          },
          {
            "name": "70705",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/70705"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.4.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.19.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.19.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.21.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.23.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.23.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2:rc2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.19.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.20.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.20.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.23:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.22.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.17.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.14.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.14.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.17.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.17.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.20.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.17.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.20.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.14.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.23.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16_rc2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.22.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.17.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.22.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.4.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.22.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16:rc2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.20:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.23.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.17.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.17.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.22.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.4.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:4.0:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.4.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.4.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18.6\\+:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.20.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.20:rc2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.20.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.21.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.22:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.14.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.14.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18:rc3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18:rc2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.20.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.22.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.22.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.2.9",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-0046"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 allow remote attackers to hijack the authentication of arbitrary users for requests related to (1) adding a saved search in buglist.cgi, (2) voting in votes.cgi, (3) sanity checking in sanitycheck.cgi, (4) creating or editing a chart in chart.cgi, (5) column changing in colchange.cgi, and (6) adding, deleting, or approving a quip in quips.cgi."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-352"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "43033",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/43033"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=621105",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621105"
            },
            {
              "name": "http://www.bugzilla.org/security/3.2.9/",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.bugzilla.org/security/3.2.9/"
            },
            {
              "name": "ADV-2011-0207",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0207"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=621110",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621110"
            },
            {
              "name": "45982",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/45982"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=621108",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621108"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=621090",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621090"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=621107",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621107"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=621109",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621109"
            },
            {
              "name": "70707",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/70707"
            },
            {
              "name": "70710",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/70710"
            },
            {
              "name": "70706",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/70706"
            },
            {
              "name": "70709",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/70709"
            },
            {
              "name": "70705",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/70705"
            },
            {
              "name": "70708",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/70708"
            },
            {
              "name": "43165",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/43165"
            },
            {
              "name": "ADV-2011-0271",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0271"
            },
            {
              "name": "FEDORA-2011-0755",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053678.html"
            },
            {
              "name": "FEDORA-2011-0741",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053665.html"
            },
            {
              "name": "DSA-2322",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2011/dsa-2322"
            },
            {
              "name": "bugzilla-unspec-csrf(65003)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65003"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2017-08-17T01:33Z",
      "publishedDate": "2011-01-28T16:00Z"
    }
  }
}

GHSA-VXHQ-W38V-XX5F

Vulnerability from github – Published: 2022-05-03 03:25 – Updated: 2025-04-11 03:43

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2011-0046"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-352"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-01-28T16:00:00Z",
    "severity": "MODERATE"
  },
  "details": "Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 allow remote attackers to hijack the authentication of arbitrary users for requests related to (1) adding a saved search in buglist.cgi, (2) voting in votes.cgi, (3) sanity checking in sanitycheck.cgi, (4) creating or editing a chart in chart.cgi, (5) column changing in colchange.cgi, and (6) adding, deleting, or approving a quip in quips.cgi.",
  "id": "GHSA-vxhq-w38v-xx5f",
  "modified": "2025-04-11T03:43:25Z",
  "published": "2022-05-03T03:25:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0046"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621090"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621105"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621107"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621108"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621109"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621110"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65003"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053665.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053678.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/70705"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/70706"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/70707"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/70708"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/70709"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/70710"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43033"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43165"
    },
    {
      "type": "WEB",
      "url": "http://www.bugzilla.org/security/3.2.9"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2011/dsa-2322"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/45982"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0207"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0271"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTA-2011-AVI-031

Vulnerability from certfr_avis - Published: 2011-01-25 - Updated: 2011-01-25

Plusieurs vulnérabilités ont été corrigées dans Bugzilla. L'une d'entre elles permet à un utilisateur de récupérer les privilèges d'un autre compte.

Description

Plusieurs vulnérabilités ont été corrigées dans Bugzilla.

Une vulnérabilité non spécifiée permet à un utilisateur de récupérer les privilèges d'un autre compte.

Une erreur dans la validation de certaines entrées non spécifiées par l'éditeur permet d'insérer du contenu et des en-têtes arbitraires dans la réponse retournée par le serveur à l'utilisateur.

D'autres vulnérabilités permettant l'injection de code indirecte à distance et l'injection de requêtes illégitime par rebond ont également été corrigées.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Bugzilla versions 4.x antérieures à la version 4.0rc2 ;
N/A	N/A	Bugzilla versions 3.2.x antérieures à la version 3.2.10.
N/A	N/A	Bugzilla versions 3.6.x antérieures à la version 3.6.4 ;
N/A	N/A	Bugzilla versions 3.4.x antérieures à la version 3.4.10 ;

References

Title

Publication Time

FKIE_CVE-2011-0046

Vulnerability from fkie_nvd - Published: 2011-01-28 16:00 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053665.html
cve@mitre.org	http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053678.html
cve@mitre.org	http://osvdb.org/70705
cve@mitre.org	http://osvdb.org/70706
cve@mitre.org	http://osvdb.org/70707
cve@mitre.org	http://osvdb.org/70708
cve@mitre.org	http://osvdb.org/70709
cve@mitre.org	http://osvdb.org/70710
cve@mitre.org	http://secunia.com/advisories/43033	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/43165
cve@mitre.org	http://www.bugzilla.org/security/3.2.9/	Vendor Advisory
cve@mitre.org	http://www.debian.org/security/2011/dsa-2322
cve@mitre.org	http://www.securityfocus.com/bid/45982
cve@mitre.org	http://www.vupen.com/english/advisories/2011/0207	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2011/0271
cve@mitre.org	https://bugzilla.mozilla.org/show_bug.cgi?id=621090	Patch
cve@mitre.org	https://bugzilla.mozilla.org/show_bug.cgi?id=621105	Patch
cve@mitre.org	https://bugzilla.mozilla.org/show_bug.cgi?id=621107	Patch
cve@mitre.org	https://bugzilla.mozilla.org/show_bug.cgi?id=621108	Patch
cve@mitre.org	https://bugzilla.mozilla.org/show_bug.cgi?id=621109	Patch
cve@mitre.org	https://bugzilla.mozilla.org/show_bug.cgi?id=621110	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/65003
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053665.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053678.html
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/70705
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/70706
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/70707
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/70708
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/70709
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/70710
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43033	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43165
af854a3a-2127-422b-91ae-364da2661108	http://www.bugzilla.org/security/3.2.9/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2011/dsa-2322
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/45982
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0207	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0271
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=621090	Patch
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=621105	Patch
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=621107	Patch
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=621108	Patch
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=621109	Patch
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=621110	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/65003

Impacted products

Vendor	Product	Version
mozilla	bugzilla	*
mozilla	bugzilla	2.0
mozilla	bugzilla	2.2
mozilla	bugzilla	2.4
mozilla	bugzilla	2.6
mozilla	bugzilla	2.8
mozilla	bugzilla	2.9
mozilla	bugzilla	2.10
mozilla	bugzilla	2.12
mozilla	bugzilla	2.14
mozilla	bugzilla	2.14.1
mozilla	bugzilla	2.14.2
mozilla	bugzilla	2.14.3
mozilla	bugzilla	2.14.4
mozilla	bugzilla	2.14.5
mozilla	bugzilla	2.16
mozilla	bugzilla	2.16
mozilla	bugzilla	2.16
mozilla	bugzilla	2.16.1
mozilla	bugzilla	2.16.2
mozilla	bugzilla	2.16.3
mozilla	bugzilla	2.16.4
mozilla	bugzilla	2.16.5
mozilla	bugzilla	2.16.6
mozilla	bugzilla	2.16.7
mozilla	bugzilla	2.16.8
mozilla	bugzilla	2.16.9
mozilla	bugzilla	2.16.10
mozilla	bugzilla	2.16.11
mozilla	bugzilla	2.16_rc2
mozilla	bugzilla	2.17
mozilla	bugzilla	2.17.1
mozilla	bugzilla	2.17.2
mozilla	bugzilla	2.17.3
mozilla	bugzilla	2.17.4
mozilla	bugzilla	2.17.5
mozilla	bugzilla	2.17.6
mozilla	bugzilla	2.17.7
mozilla	bugzilla	2.18
mozilla	bugzilla	2.18
mozilla	bugzilla	2.18
mozilla	bugzilla	2.18
mozilla	bugzilla	2.18.1
mozilla	bugzilla	2.18.2
mozilla	bugzilla	2.18.3
mozilla	bugzilla	2.18.4
mozilla	bugzilla	2.18.5
mozilla	bugzilla	2.18.6
mozilla	bugzilla	2.18.6\+
mozilla	bugzilla	2.18.7
mozilla	bugzilla	2.18.8
mozilla	bugzilla	2.18.9
mozilla	bugzilla	2.19
mozilla	bugzilla	2.19.1
mozilla	bugzilla	2.19.2
mozilla	bugzilla	2.19.3
mozilla	bugzilla	2.20
mozilla	bugzilla	2.20
mozilla	bugzilla	2.20
mozilla	bugzilla	2.20.1
mozilla	bugzilla	2.20.2
mozilla	bugzilla	2.20.3
mozilla	bugzilla	2.20.4
mozilla	bugzilla	2.20.5
mozilla	bugzilla	2.20.6
mozilla	bugzilla	2.20.7
mozilla	bugzilla	2.21
mozilla	bugzilla	2.21.1
mozilla	bugzilla	2.21.2
mozilla	bugzilla	2.22
mozilla	bugzilla	2.22
mozilla	bugzilla	2.22.1
mozilla	bugzilla	2.22.2
mozilla	bugzilla	2.22.3
mozilla	bugzilla	2.22.4
mozilla	bugzilla	2.22.5
mozilla	bugzilla	2.22.6
mozilla	bugzilla	2.22.7
mozilla	bugzilla	2.23
mozilla	bugzilla	2.23.1
mozilla	bugzilla	2.23.2
mozilla	bugzilla	2.23.3
mozilla	bugzilla	2.23.4
mozilla	bugzilla	3.2
mozilla	bugzilla	3.2
mozilla	bugzilla	3.2
mozilla	bugzilla	3.2.1
mozilla	bugzilla	3.2.2
mozilla	bugzilla	3.2.3
mozilla	bugzilla	3.2.4
mozilla	bugzilla	3.2.5
mozilla	bugzilla	3.2.6
mozilla	bugzilla	3.2.7
mozilla	bugzilla	3.2.8
mozilla	bugzilla	3.4.1
mozilla	bugzilla	3.4.2
mozilla	bugzilla	3.4.3
mozilla	bugzilla	3.4.4
mozilla	bugzilla	3.4.5
mozilla	bugzilla	3.4.6
mozilla	bugzilla	3.4.7
mozilla	bugzilla	3.4.8
mozilla	bugzilla	3.4.9
mozilla	bugzilla	3.6.0
mozilla	bugzilla	3.6.1
mozilla	bugzilla	3.6.2
mozilla	bugzilla	3.6.3
mozilla	bugzilla	4.0
mozilla	bugzilla	4.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8089D4AB-7A6A-41C8-B5BC-A92D783C720B",
              "versionEndIncluding": "3.2.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC38A53F-60E6-4F7A-A953-C53D141E830D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAFEF951-3FE8-49DD-B3DD-E526D5B52998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8112FF13-B4CE-4DC7-85B1-C69D975F162B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "86F5A3CA-E4A6-4E51-AC83-0C8F3E5E2C4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6E5E379-D475-42F3-B0DC-3D04C1D25566",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3B3EF74-4784-47A7-8994-21EF489F4008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "893741D3-062B-45F9-B5A3-1B81058E7FD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8D53B5F-6AEE-4192-B838-E1DA92C59285",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "1883A98C-E595-4F3C-87BF-A63393F9F561",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD49E53A-5676-4FAC-A8A2-30FAC04C33D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1084AF8E-5269-4EFF-BBD2-C5A77945FCF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9A4B035-B73E-48E9-BBB9-83219F5D2A95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9452C271-2812-4775-8396-394C642EACFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.14.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D351AF2-C0AB-4BB3-8692-677A3025A615",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16D338E-C5BC-46E1-95DD-D9B0E25EE56E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.16:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "5877CECA-F758-4F48-B4F4-2C4C1DF01FA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.16:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "D63CE086-5872-4594-8F4B-8D812E7EF09C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F19219-3AFD-4D8E-B02B-BFCBD1BC7C36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B900D9A7-913A-4176-90CF-C7C3B09A4261",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B692910E-633D-4A88-B245-56A2B58DD4CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F86EE5DB-442B-4C78-8152-AF1048C6A974",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.16.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "19B82A1A-56EB-41D5-8619-2A717E3A6ECF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.16.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "83A0406C-AAF2-4A4C-9567-E21DF1B6C46E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.16.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "64434BFC-DDC0-4C7D-B578-472B0610C89E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.16.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A30F28D9-B000-4C26-A911-5E1B8A867BF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.16.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A123F78-A671-4FB5-AE78-83762E9323C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.16.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "28C34288-A326-4B71-99B0-DA9FFD28160F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.16.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "73648879-BB08-4BE4-A7FF-1E8DF4E264B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.16_rc2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B4CC7E4-617D-498E-A367-374478158FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B2FC5C7-B218-4B87-9805-F90AC0E7A281",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCDA64F-C49A-4F5B-B285-4079D8E3A499",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.17.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "930AF809-CA52-41CB-985A-066B8239C7CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.17.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "85ED3457-CC21-4DB3-931F-677F723E1B2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.17.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8711D3-55CF-4131-BBAC-6BE07068219F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.17.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF54FFA5-5177-46E6-9AFA-BA3345C16E8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.17.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "69D7EA7C-B401-4F5A-AC08-2199DD117403",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.17.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC2DDC7C-CD2B-4597-A5E0-266A884958FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB99B2D-CA05-4BC0-BCA4-9B94DF248333",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.18:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "3635C0E9-2E43-4BAE-8267-2BB2F68B03BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.18:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "4869A709-AF79-49BD-A7D2-D48A8D79A085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.18:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "EAC72143-27C3-498F-AFAB-98AE043C0545",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE5E8E72-D493-460D-B5A0-F90C291398A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "04885D31-09F3-455F-A1A9-815E182ABCF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.18.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F153300E-42CC-4BDD-88EC-E8A0ADB4E3B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.18.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "92BCD546-2A50-4F43-935C-B68459EE894E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.18.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C535BAB7-6146-440B-ADBD-51007585CFC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.18.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B6BA7E8-DEC7-4D94-B9F9-B70EC39FD892",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.18.6\\+:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E6F17A-7292-4640-A5E6-59865D1CDD7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.18.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9130B6B-764B-4B83-A2BD-E16013682875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.18.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C7A5111-8729-48DF-B308-7A489BEFA6D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.18.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E24C39-0E61-4A57-B93F-F0ABF4CEAEEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "725BD7BE-1769-4032-ADA8-9ED15528C770",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "239D70F4-7D86-4A57-ACEF-440F68994FB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.19.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABEE2C94-DA69-4A78-A15F-538383A7460E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.19.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F7CD64E-7FAA-40DC-B36E-8B7EB9D620FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "A749C7AB-6F60-469C-BD95-759205DDA345",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.20:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "B45F6C27-D89A-42A0-A304-5B0C57D2A9F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.20:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "196B7CD8-D721-4CFB-B126-78758128E900",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.20.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEA9DE63-9951-4FE0-80BE-0F6F197303D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.20.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0CEDD02-1CB8-4D5B-B82B-E300B4E39065",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.20.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E27101B-7985-4412-A14F-9ED11E4C874C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.20.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A74E8A2-223E-4877-989E-494362B513E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.20.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0CAFB45-B115-4492-9919-60223304BB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.20.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC3F7C44-C734-419B-AB62-3AD52554FC7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.20.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "695036D1-994C-451E-8D53-0A345702E4D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "2053CFB4-602E-4141-BB3D-A440E2A31D85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.21.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "31ACBA13-AC13-4469-862F-B3DD2327B6FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.21.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E9EC243-3E25-4234-A88A-FDD5B594BFBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2969731-8256-431B-9356-4BC873D98F6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.22:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "1C166E42-9B36-4883-B738-EEBEF3056D98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.22.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5177876-0FEC-481B-815F-84AF53968644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC38566A-07F1-4F21-BAC1-259F844DC15C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.22.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE1684B8-3060-4139-BC06-707F27A05958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.22.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF32C74C-3EA3-4E1F-BADA-BB4A92068266",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.22.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D569A750-C649-4D40-89AB-D29773E66F66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.22.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "95B69FA8-1182-46F1-952F-4610288ED409",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.22.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "5716BB97-7829-4FDE-92AC-69CA10332F45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "02846865-D124-4C72-85C8-59A7C6F43E2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.23.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "99B59422-ED6E-4F82-8D0C-091058D1C438",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.23.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F658844A-6253-4A18-8A5D-1E818BE7A367",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.23.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4753AB35-B95C-4544-A874-5E6D83929AC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:2.23.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4880D54-CA42-4CCA-B01E-2C125002BF5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F248EA4D-1A39-40FD-8D3C-9701D36FD6B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.2:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "170EB43B-9488-4E25-9401-B84DE838247B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.2:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "B1ED7682-A315-4F92-9F9F-38290BCC058E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "14B5A433-526F-436E-9FCD-B71E661180FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "48EDC5BC-AD4B-4E67-B79C-F44292307AB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FEC62B7-2CAA-4A0D-A9B2-B4A6B105A6F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4A7A67-1355-4648-B8C9-3231BED96547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "442AB3EE-61DF-4B25-ABEB-55905C01E376",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F825E34-D529-4ADC-A7D6-1BD9DAE86FC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F92D0C-AF71-4FD3-BC4B-C6D0F1F84F9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBC26020-BFD7-493B-BDE2-1EC8DEA1A6DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA43E47B-F474-4F5B-A91B-9AF99359FE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7A3A453-EE50-458C-8F31-D7AA232006FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D920D39-683D-4F9F-AA85-3C4D1600DAD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7A4F1FD-2B00-4A99-AAA1-DBBFE3748D87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF6A3C0F-8778-4236-B4DC-41DBCF43EB62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D134D4D-6A95-48FE-B8E5-4F90692CB4FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "08C34E6F-8233-4575-AAE7-4DBFC27453F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D8155F8-CAB1-4EED-B576-F4102253BD25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "593D2F3B-A386-48D8-BF19-A12F1B4962A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A1AD503-7F78-4597-AECD-6DC530AD4D3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCAD5285-E485-4F49-99CF-287545260FDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C193DF3-8D23-44A9-94DE-9F4F7358ED3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:3.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "80BA8C84-32C3-4ECF-B4C7-573B12441D22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DABC1683-0E04-456E-9500-68D0D35815E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:bugzilla:4.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "38D71912-DCD6-44BB-8A86-72D207B49E58",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 allow remote attackers to hijack the authentication of arbitrary users for requests related to (1) adding a saved search in buglist.cgi, (2) voting in votes.cgi, (3) sanity checking in sanitycheck.cgi, (4) creating or editing a chart in chart.cgi, (5) column changing in colchange.cgi, and (6) adding, deleting, or approving a quip in quips.cgi."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en Bugzilla anterior a v3.2.10, v3.4.x anterior a v3.4.10, v3.6.x anterior a v3.6.4, y v4.0.x anterior a v4.0rc2 permiten a atacantes remotos secuestrar la autenticaci\u00f3n de usuarios de su elecci\u00f3n para solicitudes relacionadas con (1) a\u00f1adir una b\u00fasqueda almacenada en buglist.cgi, (2) votar en votes.cgi, (3) realizar unas comprobaciones de saneamiento en sanitycheck.cgi, (4) crear o editar un chart en chart.cgi, (5) cambiar una columna en  colchange.cgi, y (6) a\u00f1adir, eliminar, o aprobar un quip en quips.cgi."
    }
  ],
  "id": "CVE-2011-0046",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-01-28T16:00:02.987",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053665.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053678.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/70705"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/70706"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/70707"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/70708"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/70709"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/70710"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43033"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/43165"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.bugzilla.org/security/3.2.9/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2011/dsa-2322"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/45982"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0207"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2011/0271"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621090"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621105"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621107"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621108"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621109"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621110"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65003"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053665.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053678.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/70705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/70706"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/70707"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/70708"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/70709"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/70710"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43165"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.bugzilla.org/security/3.2.9/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2011/dsa-2322"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/45982"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0207"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0271"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621090"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621105"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621107"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621108"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621109"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=621110"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65003"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2011-0046 (GCVE-0-2011-0046)

GSD-2011-0046

GHSA-VXHQ-W38V-XX5F

CERTA-2011-AVI-031

Description

Solution

FKIE_CVE-2011-0046

Tags

Sightings

Nomenclature