ByteOS Network

NVD Vulnerability Details :

CVE-2003-0602

Deferred

Source-cve@mitre.org

Published At-27 Aug, 2003 | 04:00

Updated At-03 Apr, 2025 | 01:03

Multiple cross-site scripting vulnerabilities (XSS) in Bugzilla 2.16.x before 2.16.3 and 2.17.x before 2.17.4 allow remote attackers to insert arbitrary HTML or web script via (1) multiple default German and Russian HTML templates or (2) ALT and NAME attributes in AREA tags as used by the GraphViz graph generation feature for local dependency graphs.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P

Type: Primary

Version: 2.0

Base score: 6.8

Base severity: MEDIUM

Vector:

AV:N/AC:M/Au:N/C:P/I:P/A:P

CPE Matches

Weaknesses

CWE ID	Type	Source
NVD-CWE-Other	Primary	nvd@nist.gov

CWE ID: NVD-CWE-Other

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000653	cve@mitre.org	N/A
http://www.bugzilla.org/security/2.16.2/	cve@mitre.org	N/A
http://www.securityfocus.com/bid/6861	cve@mitre.org	Patch Vendor Advisory
http://www.securityfocus.com/bid/6868	cve@mitre.org	Patch Vendor Advisory
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000653	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.bugzilla.org/security/2.16.2/	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.securityfocus.com/bid/6861	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory
http://www.securityfocus.com/bid/6868	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory