var-201108-0186
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3, when Internet Explorer before 9 or Safari before 5.0.6 is used for Raw Unified mode, allows remote attackers to inject arbitrary web script or HTML via a crafted patch, related to content sniffing. Bugzilla is prone to the following vulnerabilities: 1. A security-bypass vulnerability. 2. An email header-injection vulnerability. 3. Multiple information-disclosure vulnerabilities. 4. Multiple cross-site scripting vulnerabilities. Successfully exploiting these issues may allow an attacker to bypass certain security restrictions, obtain sensitive information, execute arbitrary script code in the browser of an unsuspecting user, steal cookie-based authentication credentials, and perform actions in the vulnerable application in the context of the victim. Bugzilla is an open source defect tracking system developed by the Mozilla Foundation in the United States. It can manage the entire life cycle of defects in software development, such as submitting (new), repairing (resolve), and closing (close). Bugzilla 2.4 to 2.22.7, 3.0.x to 3.3.x, 3.4.x prior to 3.4.12, 3.5.x, 3.6.x prior to 3.6.6, 3.7.x, 4.0 prior to 4.0.2. x version, and 4.1.x versions prior to 4.1.3 have a cross-site scripting vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA-2322-1 security@debian.org http://www.debian.org/security/ Jonathan Wiltshire October 10, 2011 http://www.debian.org/security/faq
Package : bugzilla Vulnerability : several Problem type : remote Debian-specific: no CVE ID : CVE-201-2979 CVE-2010-4567 CVE-2010-4568 CVE-2010-4572 CVE-2011-0046 CVE-2011-0048 CVE-2011-2379 CVE-2011-2380 CVE-2011-2381 CVE-2011-2978
Several vulnerabilities were discovered in Bugzilla, a web-based bug tracking system.
CVE-2010-4572
By inserting particular strings into certain URLs, it was possible to inject both headers and content to any browser.
CVE-2010-4567, CVE-2011-0048
Bugzilla has a "URL" field that can contain several types of URL, including "javascript:" and "data:" URLs. However, it does not make "javascript:" and "data:" URLs into clickable links, to protect against cross-site scripting attacks or other attacks. It was possible to bypass this protection by adding spaces into the URL in places that Bugzilla did not expect them. Also, "javascript:" and "data:" links were always shown as clickable to logged-out users.
CVE-2010-4568
It was possible for a user to gain unauthorized access to any Bugzilla account in a very short amount of time (short enough that the attack is highly effective).
CVE-2011-0046
Various pages were vulnerable to Cross-Site Request Forgery attacks.
CVE-2011-2978
When a user changes his email address, Bugzilla trusts a user-modifiable field for obtaining the current e-mail address to send a confirmation message to. If an attacker has access to the session of another user (for example, if that user left their browser window open in a public place), the attacker could alter this field to cause the email-change notification to go to their own address. This means that the user would not be notified that his account had its email address changed by the attacker.
CVE-2011-2381
For flagmails only, attachment descriptions with a newline in them could lead to the injection of crafted headers in email notifications when an attachment flag is edited.
CVE-2011-2379
Bugzilla uses an alternate host for attachments when viewing them in raw format to prevent cross-site scripting attacks.
CVE-2011-2380 CVE-201-2979
Normally, a group name is confidential and is only visible to members of the group, and to non-members if the group is used in bugs. By crafting the URL when creating or editing a bug, it was possible to guess if a group existed or not, even for groups which weren't used in bugs and so which were supposed to remain confidential.
For the oldstable distribution (lenny), it has not been practical to backport patches to fix these bugs. Users of bugzilla on lenny are strongly advised to upgrade to the version in the squeeze distribution.
For the stable distribution (squeeze), these problems have been fixed in version 3.6.2.0-4.4.
For the testing distribution (wheezy) and the unstable distribution (sid), the bugzilla packages have been removed.
We recommend that you upgrade your bugzilla packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk6TGQMACgkQXm3vHE4uylrKoACgpP8nXm2Nj6cmEPNLL5n4VVqQ cMsAoNuj8KxXmA437xUP1NZqnJrbWwFD =kZIo -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ----------------------------------------------------------------------
The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242
TITLE: Bugzilla Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA45501
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45501/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45501
RELEASE DATE: 2011-08-05
DISCUSS ADVISORY: http://secunia.com/advisories/45501/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/45501/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=45501
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Bugzilla, which can be exploited by malicious, local users to gain access to potentially sensitive information and by malicious users to disclose potentially sensitive information, conduct script insertion and spoofing attacks.
1) Input passed via patch attachments is not properly sanitised before being viewed in "Raw Unified" mode. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.
Successful exploitation of this vulnerability requires the victim to use Internet Explorer or Safari browsers.
SOLUTION: Update to version 3.4.12, 3.6.6, or 4.1.3 (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: The vendor provides a bundled list of credits: Fr\xe9d\xe9ric Buclin Byron Jones Max Kanat-Alexander Reed Loden Neal Poole Neil Rashbrook David Lawrence
ORIGINAL ADVISORY: http://www.bugzilla.org/security/3.4.11/
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
Background
Bugzilla is the bug-tracking system from the Mozilla project.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-apps/bugzilla < 3.6.6 >= 3.6.6
Description
Multiple vulnerabilities have been discovered in Bugzilla. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could conduct cross-site scripting attacks, conduct script insertion and spoofing attacks, hijack the authentication of arbitrary users, inject arbitrary HTTP headers, obtain access to arbitrary accounts, disclose the existence of confidential groups and its names, or inject arbitrary e-mail headers.
A local attacker could disclose the contents of temporarfy files for uploaded attachments.
Workaround
There is no known workaround at this time.
Resolution
All Bugzilla users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-apps/bugzilla-3.6.6"
NOTE: This is a legacy GLSA. Updates for all affected architectures are available since August 27, 2011. It is likely that your system is already no longer affected by this issue.
References
[ 1 ] CVE-2010-2761 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2761 [ 2 ] CVE-2010-3172 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3172 [ 3 ] CVE-2010-3764 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3764 [ 4 ] CVE-2010-4411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4411 [ 5 ] CVE-2010-4567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4567 [ 6 ] CVE-2010-4568 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4568 [ 7 ] CVE-2010-4569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4569 [ 8 ] CVE-2010-4570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4570 [ 9 ] CVE-2010-4572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4572 [ 10 ] CVE-2011-0046 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0046 [ 11 ] CVE-2011-0048 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0048 [ 12 ] CVE-2011-2379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2379 [ 13 ] CVE-2011-2380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2380 [ 14 ] CVE-2011-2381 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2381 [ 15 ] CVE-2011-2976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2976 [ 16 ] CVE-2011-2977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2977 [ 17 ] CVE-2011-2978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2978 [ 18 ] CVE-2011-2979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2979
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-21f5d5f72.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201108-0186",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.14.2"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.16.7"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.14.4"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.16"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.16.3"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.16.2"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.14.1"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.16.1"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.16.6"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.16.11"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.17.5"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.20.1"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.17.6"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.6"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.18.1"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.19.1"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.20.4"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.4"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.16.8"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.2.1"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.16.5"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.2.2"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.2"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.14.3"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.2.4"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.22.2"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.6.2"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.18.4"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.2.9"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.2.3"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.22.5"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.22.7"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.12"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.20.3"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.7.2"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.0.1"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.20.2"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.10"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.6.1"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.9"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.0.7"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.21"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.0.2"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.16.4"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.17.1"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "4.1"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.16.9"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.2.7"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.17.7"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.5.2"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.0.8"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.21.2"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.22.3"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.14"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.17.4"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.4"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.18.3"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.3.2"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.7.3"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.3.4"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.8"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.5.3"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.16.10"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.6"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.17.3"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.18.2"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.22.6"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.2.6"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.6.4"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.0.4"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.22.1"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.14.5"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.19.2"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.19"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.17"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.4.10"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.0.6"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.3.3"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.21.1"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.0.11"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.4.1"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.2.5"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.18.5"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.2.8"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.5.1"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.22.4"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.2.10"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.0.5"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.19.3"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.7.1"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.0.9"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.6.3"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.3.1"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.20"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.0.10"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.22"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "4.0"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.4.11"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.4.5"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "4.1.2"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.7"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.4.9"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.4.7"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "4.1.1"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.4.3"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.5"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.18"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0.3"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "4.0.1"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.4.6"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.4.2"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.6.5"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.4.8"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.4.4"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0.0"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 0.8,
"vendor": "mozilla",
"version": "3.0.x to 3.3.x"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 0.8,
"vendor": "mozilla",
"version": "3.4.12"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 0.8,
"vendor": "mozilla",
"version": "4.1.3"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 0.8,
"vendor": "mozilla",
"version": "2.4 to 2.22.7"
},
{
"model": "bugzilla",
"scope": "lt",
"trust": 0.8,
"vendor": "mozilla",
"version": "3.4.x"
},
{
"model": "bugzilla",
"scope": "lt",
"trust": 0.8,
"vendor": "mozilla",
"version": "4.1.x"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 0.8,
"vendor": "mozilla",
"version": "3.5.x"
},
{
"model": "bugzilla",
"scope": "lt",
"trust": 0.8,
"vendor": "mozilla",
"version": "4.0.x"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 0.8,
"vendor": "mozilla",
"version": "3.7.x"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 0.8,
"vendor": "mozilla",
"version": "4.0.2"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 0.8,
"vendor": "mozilla",
"version": "3.6.6"
},
{
"model": "bugzilla",
"scope": "lt",
"trust": 0.8,
"vendor": "mozilla",
"version": "3.6.x"
},
{
"model": "bugzilla 4.0rc2",
"scope": null,
"trust": 0.3,
"vendor": "mozilla",
"version": null
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "bugzilla",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.0.2"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "bugzilla 4.0rc1",
"scope": null,
"trust": 0.3,
"vendor": "mozilla",
"version": null
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.20.6"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.23.2"
},
{
"model": "bugzilla",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.4.12"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.2"
},
{
"model": "bugzilla 3.2rc2",
"scope": null,
"trust": 0.3,
"vendor": "mozilla",
"version": null
},
{
"model": "bugzilla rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.18"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "bugzilla rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.18"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.23.4"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.3"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.20.5"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.23.3"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "bugzilla rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.4"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "bugzilla 3.2rc1",
"scope": null,
"trust": 0.3,
"vendor": "mozilla",
"version": null
},
{
"model": "bugzilla",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.6"
},
{
"model": "bugzilla",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.1.3"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.4"
},
{
"model": "bugzilla rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.22"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "bugzilla rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.20"
},
{
"model": "bugzilla rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.20"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.18.6"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.20.7"
},
{
"model": "bugzilla rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.18"
},
{
"model": "bugzilla",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.17.2"
}
],
"sources": [
{
"db": "BID",
"id": "49042"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004689"
},
{
"db": "NVD",
"id": "CVE-2011-2379"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-111"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.4:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.19.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.22.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.14.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.17.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.22.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.17.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.21.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.19.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.14.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.14.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.17.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.22:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.20.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.22.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.22.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.20:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.6:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:4.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:4.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.20.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.21.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.14.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.17.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.17.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.22.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.19.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:4.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:4.0:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.20.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.20:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.16.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.18:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.17.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.14.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.22.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.22.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.20.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:2.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:3.7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:4.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:bugzilla:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:4.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0.5",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.3:85.8.1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:4.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:5.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.2:312.6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.3:85.8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:5.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.3.2:312.5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:1.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:5.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:5.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2379"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fr\u0026amp;amp;amp;eacute;d\u0026amp;amp;amp;eacute;ric Buclin, Byron Jones, Max Kanat-Alexander, Reed Loden, Neal Poole, Neil Rashbrook, David Lawrence",
"sources": [
{
"db": "BID",
"id": "49042"
}
],
"trust": 0.3
},
"cve": "CVE-2011-2379",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2011-2379",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-50324",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-2379",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201108-111",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-50324",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50324"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004689"
},
{
"db": "NVD",
"id": "CVE-2011-2379"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-111"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3, when Internet Explorer before 9 or Safari before 5.0.6 is used for Raw Unified mode, allows remote attackers to inject arbitrary web script or HTML via a crafted patch, related to content sniffing. Bugzilla is prone to the following vulnerabilities:\n1. A security-bypass vulnerability. \n2. An email header-injection vulnerability. \n3. Multiple information-disclosure vulnerabilities. \n4. Multiple cross-site scripting vulnerabilities. \nSuccessfully exploiting these issues may allow an attacker to bypass certain security restrictions, obtain sensitive information, execute arbitrary script code in the browser of an unsuspecting user, steal cookie-based authentication credentials, and perform actions in the vulnerable application in the context of the victim. Bugzilla is an open source defect tracking system developed by the Mozilla Foundation in the United States. It can manage the entire life cycle of defects in software development, such as submitting (new), repairing (resolve), and closing (close). Bugzilla 2.4 to 2.22.7, 3.0.x to 3.3.x, 3.4.x prior to 3.4.12, 3.5.x, 3.6.x prior to 3.6.6, 3.7.x, 4.0 prior to 4.0.2. x version, and 4.1.x versions prior to 4.1.3 have a cross-site scripting vulnerability. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2322-1 security@debian.org\nhttp://www.debian.org/security/ Jonathan Wiltshire\nOctober 10, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : bugzilla\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-201-2979 CVE-2010-4567 CVE-2010-4568 CVE-2010-4572 \n CVE-2011-0046 CVE-2011-0048 CVE-2011-2379 CVE-2011-2380 \n CVE-2011-2381 CVE-2011-2978 \n\nSeveral vulnerabilities were discovered in Bugzilla, a web-based bug\ntracking system. \n\nCVE-2010-4572\n\n By inserting particular strings into certain URLs, it was\n possible to inject both headers and content to any\n browser. \n\nCVE-2010-4567, CVE-2011-0048\n\n Bugzilla has a \"URL\" field that can contain several types\n of URL, including \"javascript:\" and \"data:\" URLs. However,\n it does not make \"javascript:\" and \"data:\" URLs into\n clickable links, to protect against cross-site scripting\n attacks or other attacks. It was possible to bypass this\n protection by adding spaces into the URL in places that\n Bugzilla did not expect them. Also, \"javascript:\" and\n \"data:\" links were *always* shown as clickable to\n logged-out users. \n\nCVE-2010-4568\n\n It was possible for a user to gain unauthorized access to\n any Bugzilla account in a very short amount of time (short\n enough that the attack is highly effective). \n\nCVE-2011-0046\n\n Various pages were vulnerable to Cross-Site Request\n Forgery attacks. \n\nCVE-2011-2978\n\n When a user changes his email address, Bugzilla trusts\n a user-modifiable field for obtaining the current e-mail\n address to send a confirmation message to. If an attacker\n has access to the session of another user (for example,\n if that user left their browser window open in a public\n place), the attacker could alter this field to cause\n the email-change notification to go to their own address. \n This means that the user would not be notified that his\n account had its email address changed by the attacker. \n\nCVE-2011-2381\n\n For flagmails only, attachment descriptions with a newline\n in them could lead to the injection of crafted headers in\n email notifications when an attachment flag is edited. \n\nCVE-2011-2379\n\n Bugzilla uses an alternate host for attachments when\n viewing them in raw format to prevent cross-site scripting\n attacks. \n\nCVE-2011-2380 CVE-201-2979\n\n Normally, a group name is confidential and is only visible\n to members of the group, and to non-members if the group\n is used in bugs. By crafting the URL when creating or\n editing a bug, it was possible to guess if a group existed\n or not, even for groups which weren\u0027t used in bugs and so\n which were supposed to remain confidential. \n\nFor the oldstable distribution (lenny), it has not been practical to\nbackport patches to fix these bugs. Users of bugzilla on lenny are \nstrongly advised to upgrade to the version in the squeeze distribution. \n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 3.6.2.0-4.4. \n\nFor the testing distribution (wheezy) and the unstable distribution (sid),\nthe bugzilla packages have been removed. \n\nWe recommend that you upgrade your bugzilla packages. \n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.11 (GNU/Linux)\n\niEYEARECAAYFAk6TGQMACgkQXm3vHE4uylrKoACgpP8nXm2Nj6cmEPNLL5n4VVqQ\ncMsAoNuj8KxXmA437xUP1NZqnJrbWwFD\n=kZIo\n-----END PGP SIGNATURE-----\n\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ----------------------------------------------------------------------\n\nThe Secunia CSI 5.0 Beta - now available for testing\nFind out more, take a free test drive, and share your opinion with us: \nhttp://secunia.com/blog/242 \n\n----------------------------------------------------------------------\n\nTITLE:\nBugzilla Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA45501\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45501/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45501\n\nRELEASE DATE:\n2011-08-05\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45501/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45501/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45501\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Bugzilla, which can be\nexploited by malicious, local users to gain access to potentially\nsensitive information and by malicious users to disclose potentially\nsensitive information, conduct script insertion and spoofing\nattacks. \n\n1) Input passed via patch attachments is not properly sanitised\nbefore being viewed in \"Raw Unified\" mode. This can be exploited to\ninsert arbitrary HTML and script code, which will be executed in a\nuser\u0027s browser session in context of an affected site when the\nmalicious data is being viewed. \n\nSuccessful exploitation of this vulnerability requires the victim to\nuse Internet Explorer or Safari browsers. \n\nSOLUTION:\nUpdate to version 3.4.12, 3.6.6, or 4.1.3 (please see the vendor\u0027s\nadvisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor provides a bundled list of credits:\nFr\\xe9d\\xe9ric Buclin\nByron Jones\nMax Kanat-Alexander\nReed Loden\nNeal Poole\nNeil Rashbrook\nDavid Lawrence\n\nORIGINAL ADVISORY:\nhttp://www.bugzilla.org/security/3.4.11/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nBackground\n==========\n\nBugzilla is the bug-tracking system from the Mozilla project. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-apps/bugzilla \u003c 3.6.6 \u003e= 3.6.6\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Bugzilla. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could conduct cross-site scripting attacks, conduct\nscript insertion and spoofing attacks, hijack the authentication of\narbitrary users, inject arbitrary HTTP headers, obtain access to\narbitrary accounts, disclose the existence of confidential groups and\nits names, or inject arbitrary e-mail headers. \n\nA local attacker could disclose the contents of temporarfy files for\nuploaded attachments. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Bugzilla users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-apps/bugzilla-3.6.6\"\n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\navailable since August 27, 2011. It is likely that your system is\nalready no longer affected by this issue. \n\nReferences\n==========\n\n[ 1 ] CVE-2010-2761\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2761\n[ 2 ] CVE-2010-3172\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3172\n[ 3 ] CVE-2010-3764\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3764\n[ 4 ] CVE-2010-4411\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4411\n[ 5 ] CVE-2010-4567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4567\n[ 6 ] CVE-2010-4568\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4568\n[ 7 ] CVE-2010-4569\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4569\n[ 8 ] CVE-2010-4570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4570\n[ 9 ] CVE-2010-4572\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4572\n[ 10 ] CVE-2011-0046\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0046\n[ 11 ] CVE-2011-0048\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0048\n[ 12 ] CVE-2011-2379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2379\n[ 13 ] CVE-2011-2380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2380\n[ 14 ] CVE-2011-2381\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2381\n[ 15 ] CVE-2011-2976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2976\n[ 16 ] CVE-2011-2977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2977\n[ 17 ] CVE-2011-2978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2978\n[ 18 ] CVE-2011-2979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2979\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-21f5d5f72.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2379"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004689"
},
{
"db": "BID",
"id": "49042"
},
{
"db": "VULHUB",
"id": "VHN-50324"
},
{
"db": "PACKETSTORM",
"id": "105648"
},
{
"db": "PACKETSTORM",
"id": "103748"
},
{
"db": "PACKETSTORM",
"id": "105651"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-2379",
"trust": 3.0
},
{
"db": "BID",
"id": "49042",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "45501",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "74297",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004689",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201108-111",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-50324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105648",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103748",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105651",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50324"
},
{
"db": "BID",
"id": "49042"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004689"
},
{
"db": "PACKETSTORM",
"id": "105648"
},
{
"db": "PACKETSTORM",
"id": "103748"
},
{
"db": "PACKETSTORM",
"id": "105651"
},
{
"db": "NVD",
"id": "CVE-2011-2379"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-111"
}
]
},
"id": "VAR-201108-0186",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-50324"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:07:31.081000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Safari",
"trust": 0.8,
"url": "http://www.apple.com/safari/"
},
{
"title": "Internet Explorer",
"trust": 0.8,
"url": "http://windows.microsoft.com/en-us/internet-explorer/products/ie/home"
},
{
"title": "Bug 637981",
"trust": 0.8,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=637981"
},
{
"title": "4.1.2, 4.0.1, 3.6.5, and 3.4.11 Security Advisory",
"trust": 0.8,
"url": "http://www.bugzilla.org/security/3.4.11/"
},
{
"title": "Mozilla Bugzilla Raw Unified Remedial measures for pattern cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=157614"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004689"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-111"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50324"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004689"
},
{
"db": "NVD",
"id": "CVE-2011-2379"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.bugzilla.org/security/3.4.11/"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/49042"
},
{
"trust": 1.7,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=637981"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2011/dsa-2322"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/74297"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/45501"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69033"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2379"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2379"
},
{
"trust": 0.3,
"url": "http://www.bugzilla.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4568"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0048"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2380"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2381"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0046"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2379"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45501"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/242"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45501/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45501/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4569"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4572"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2978"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2976"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2979"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-21f5d5f72.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3764"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4411"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0046"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2761"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3172"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2381"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4568"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4567"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0048"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2379"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50324"
},
{
"db": "BID",
"id": "49042"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004689"
},
{
"db": "PACKETSTORM",
"id": "105648"
},
{
"db": "PACKETSTORM",
"id": "103748"
},
{
"db": "PACKETSTORM",
"id": "105651"
},
{
"db": "NVD",
"id": "CVE-2011-2379"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-111"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-50324"
},
{
"db": "BID",
"id": "49042"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004689"
},
{
"db": "PACKETSTORM",
"id": "105648"
},
{
"db": "PACKETSTORM",
"id": "103748"
},
{
"db": "PACKETSTORM",
"id": "105651"
},
{
"db": "NVD",
"id": "CVE-2011-2379"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-111"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-09T00:00:00",
"db": "VULHUB",
"id": "VHN-50324"
},
{
"date": "2011-08-05T00:00:00",
"db": "BID",
"id": "49042"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004689"
},
{
"date": "2011-10-10T22:39:20",
"db": "PACKETSTORM",
"id": "105648"
},
{
"date": "2011-08-05T09:52:27",
"db": "PACKETSTORM",
"id": "103748"
},
{
"date": "2011-10-10T22:41:23",
"db": "PACKETSTORM",
"id": "105651"
},
{
"date": "2011-08-09T19:55:01.433000",
"db": "NVD",
"id": "CVE-2011-2379"
},
{
"date": "2011-08-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-111"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-50324"
},
{
"date": "2015-05-07T17:06:00",
"db": "BID",
"id": "49042"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004689"
},
{
"date": "2021-07-23T15:12:30.843000",
"db": "NVD",
"id": "CVE-2011-2379"
},
{
"date": "2021-07-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-111"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201108-111"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bugzilla Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004689"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201108-111"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.