ports/159576: Security Advisory for Bugzilla Versions Prior to 3.6.6, 4.0.2
Peter Vereshagin
peter at vereshagin.org
Sun Aug 7 07:30:09 UTC 2011
>Number: 159576
>Category: ports
>Synopsis: Security Advisory for Bugzilla Versions Prior to 3.6.6, 4.0.2
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Sun Aug 07 07:30:08 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator: Peter Vereshagin
>Release: 7.4-stable as of 2011
>Organization:
Private
>Environment:
FreeBSD teh.ost 7.4-STABLE FreeBSD 7.4-STABLE #10: Mon May 2 16:12:55 MSD 2011 usr at teh.ost:/CONF i386
>Description:
The following impacts the ports devel/bugzilla and devel/bugzilla3 at least:
* Internet Explorer 8 and older, and Safari before 5.0.6 do content
sniffing when viewing a patch in "Raw Unified" mode, which could
trigger a cross-site scripting attack due to the execution of
malicious code in the attachment.
* Attachment descriptions with a newline in them could lead to the
injection of crafted headers in email notifications sent to the
requestee or the requester when editing an attachment flag.
* If an attacker has access to a user's session, he can modify that
user's email address without that user being notified of the change.
===
References: https://bugzilla.mozilla.org/show_bug.cgi?id=637981
CVE Number: CVE-2011-2379
Class: Information Leak
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list