ByteOS Network

CVE Vulnerability Details :

CVE-2002-0010

PUBLISHED

More Info Official Page

Assigner-mitre

Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At-10 Jan, 2002 | 05:00

Updated At-08 Aug, 2024 | 02:35

▼CVE Numbering Authority (CNA)

Bugzilla before 2.14.1 allows remote attackers to inject arbitrary SQL code and create files or gain privileges via (1) the sql parameter in buglist.cgi, (2) invalid field names from the "boolean chart" query in buglist.cgi, (3) the mybugslink parameter in userprefs.cgi, (4) a malformed bug ID in the buglist parameter in long_list.cgi, and (5) the value parameter in editusers.cgi, which allows groupset privileges to be modified by attackers with blessgroupset privileges.

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://archives.neohapsis.com/archives/bugtraq/2002-01/0052.html	mailing-list x_refsource_BUGTRAQ
http://www.securityfocus.com/bid/3805	vdb-entry x_refsource_BID
http://www.securityfocus.com/bid/3802	vdb-entry x_refsource_BID
http://www.securityfocus.com/bid/3801	vdb-entry x_refsource_BID
http://www.iss.net/security_center/static/7811.php	vdb-entry x_refsource_XF
http://www.iss.net/security_center/static/7814.php	vdb-entry x_refsource_XF
http://bugzilla.mozilla.org/show_bug.cgi?id=108821	x_refsource_MISC
http://www.iss.net/security_center/static/7813.php	vdb-entry x_refsource_XF
http://bugzilla.mozilla.org/show_bug.cgi?id=108812	x_refsource_MISC
http://rhn.redhat.com/errata/RHSA-2002-001.html	vendor-advisory x_refsource_REDHAT
http://archives.neohapsis.com/archives/bugtraq/2002-01/0034.html	mailing-list x_refsource_BUGTRAQ
http://www.iss.net/security_center/static/7807.php	vdb-entry x_refsource_XF
http://www.bugzilla.org/bugzilla2.14to2.14.1.patch	x_refsource_MISC
http://bugzilla.mozilla.org/show_bug.cgi?id=108822	x_refsource_MISC
http://www.bugzilla.org/security2_14_1.html	x_refsource_CONFIRM
http://www.iss.net/security_center/static/7809.php	vdb-entry x_refsource_XF
http://bugzilla.mozilla.org/show_bug.cgi?id=109679	x_refsource_MISC
http://www.securityfocus.com/bid/3804	vdb-entry x_refsource_BID
http://bugzilla.mozilla.org/show_bug.cgi?id=109690	x_refsource_MISC

Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2002-01/0052.html

Resource:

mailing-list

x_refsource_BUGTRAQ

Hyperlink: http://www.securityfocus.com/bid/3805

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://www.securityfocus.com/bid/3802

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://www.securityfocus.com/bid/3801

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://www.iss.net/security_center/static/7811.php

Resource:

vdb-entry

x_refsource_XF

Hyperlink: http://www.iss.net/security_center/static/7814.php

Resource:

vdb-entry

x_refsource_XF

Hyperlink: http://bugzilla.mozilla.org/show_bug.cgi?id=108821

Resource:

x_refsource_MISC

Hyperlink: http://www.iss.net/security_center/static/7813.php

Resource:

vdb-entry

x_refsource_XF

Hyperlink: http://bugzilla.mozilla.org/show_bug.cgi?id=108812

Resource:

x_refsource_MISC

Hyperlink: http://rhn.redhat.com/errata/RHSA-2002-001.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2002-01/0034.html

Resource:

mailing-list

x_refsource_BUGTRAQ

Hyperlink: http://www.iss.net/security_center/static/7807.php

Resource:

vdb-entry

x_refsource_XF

Hyperlink: http://www.bugzilla.org/bugzilla2.14to2.14.1.patch

Resource:

x_refsource_MISC

Hyperlink: http://bugzilla.mozilla.org/show_bug.cgi?id=108822

Resource:

x_refsource_MISC

Hyperlink: http://www.bugzilla.org/security2_14_1.html

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.iss.net/security_center/static/7809.php

Resource:

vdb-entry

x_refsource_XF

Hyperlink: http://bugzilla.mozilla.org/show_bug.cgi?id=109679

Resource:

x_refsource_MISC

Hyperlink: http://www.securityfocus.com/bid/3804

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://bugzilla.mozilla.org/show_bug.cgi?id=109690

Resource:

x_refsource_MISC

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://archives.neohapsis.com/archives/bugtraq/2002-01/0052.html	mailing-list x_refsource_BUGTRAQ x_transferred
http://www.securityfocus.com/bid/3805	vdb-entry x_refsource_BID x_transferred
http://www.securityfocus.com/bid/3802	vdb-entry x_refsource_BID x_transferred
http://www.securityfocus.com/bid/3801	vdb-entry x_refsource_BID x_transferred
http://www.iss.net/security_center/static/7811.php	vdb-entry x_refsource_XF x_transferred
http://www.iss.net/security_center/static/7814.php	vdb-entry x_refsource_XF x_transferred
http://bugzilla.mozilla.org/show_bug.cgi?id=108821	x_refsource_MISC x_transferred
http://www.iss.net/security_center/static/7813.php	vdb-entry x_refsource_XF x_transferred
http://bugzilla.mozilla.org/show_bug.cgi?id=108812	x_refsource_MISC x_transferred
http://rhn.redhat.com/errata/RHSA-2002-001.html	vendor-advisory x_refsource_REDHAT x_transferred
http://archives.neohapsis.com/archives/bugtraq/2002-01/0034.html	mailing-list x_refsource_BUGTRAQ x_transferred
http://www.iss.net/security_center/static/7807.php	vdb-entry x_refsource_XF x_transferred
http://www.bugzilla.org/bugzilla2.14to2.14.1.patch	x_refsource_MISC x_transferred
http://bugzilla.mozilla.org/show_bug.cgi?id=108822	x_refsource_MISC x_transferred
http://www.bugzilla.org/security2_14_1.html	x_refsource_CONFIRM x_transferred
http://www.iss.net/security_center/static/7809.php	vdb-entry x_refsource_XF x_transferred
http://bugzilla.mozilla.org/show_bug.cgi?id=109679	x_refsource_MISC x_transferred
http://www.securityfocus.com/bid/3804	vdb-entry x_refsource_BID x_transferred
http://bugzilla.mozilla.org/show_bug.cgi?id=109690	x_refsource_MISC x_transferred