Bugzilla prior to 2.14 does not restrict access to sanitycheck.cgi, which allows local users to cause a denial of service (CPU consumption) via a flood of requests to sanitycheck.cgi.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla bugzilla 2.8 |
||
mozilla bugzilla 2.4 |
||
mozilla bugzilla 2.6 |
||
mozilla bugzilla 2.10 |
||
mozilla bugzilla 2.12 |
||
mozilla bugzilla 2.14 |