Summary
According to its version number, the remote Bugzilla bug tracking system is vulnerable to arbitrary command execution flaws caused by a lack of sanitization of user-supplied data in process_bug.cgi.
Solution
Upgrade to version 2.12 or newer.
Severity
Classification
- CVE: CVE-2000-0421, CVE-2001-0329
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object Remote Code Execution
- Apache Struts2 Showcase Skill Name Remote Code Execution Vulnerability
- 4Images <= 1.7.1 Directory Traversal Vulnerability
- AlefMentor Multiple SQL Injection Vulnerabilities
- Assesi 'bg' Parameter SQL Injection vulnerability