1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
Candidate: CVE-2009-3125
PublicDate: 2009-09-15
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3125
Description:
SQL injection vulnerability in the Bug.search WebService function in
Bugzilla 3.3.2 through 3.4.1, and 3.5, allows remote attackers to execute
arbitrary SQL commands via unspecified parameters.
Ubuntu-Description:
Notes:
jdstrand> only 3.3.2 through 3.4.1 are affected
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
Patches_bugzilla:
upstream_bugzilla: pending (3.4.2)
dapper_bugzilla: not-affected (2.20-1)
hardy_bugzilla: not-affected
intrepid_bugzilla: not-affected
jaunty_bugzilla: not-affected
devel_bugzilla: not-affected (3.2.4.0-3ubuntu1)
|