Search.pm in Bugzilla 2.19.1 up to and including 3.2.7, 3.3.1 up to and including 3.4.7, 3.5.1 up to and including 3.6.1, and 3.7 up to and including 3.7.2 allows remote malicious users to determine the group memberships of arbitrary users via vectors involving the Search interface, boolean charts, and group-based pronouns.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla bugzilla 2.19.1 |
||
mozilla bugzilla 2.20.4 |
||
mozilla bugzilla 2.20.5 |
||
mozilla bugzilla 2.21.2 |
||
mozilla bugzilla 2.22 |
||
mozilla bugzilla 2.23 |
||
mozilla bugzilla 2.9 |
||
mozilla bugzilla 3.0 |
||
mozilla bugzilla 3.0.4 |
||
mozilla bugzilla 3.0.5 |
||
mozilla bugzilla 3.1.1 |
||
mozilla bugzilla 3.2.5 |
||
mozilla bugzilla 3.2.4 |
||
mozilla bugzilla 3.2.7 |
||
mozilla bugzilla 3.3.1 |
||
mozilla bugzilla 3.4.4 |
||
mozilla bugzilla 3.4.5 |
||
mozilla bugzilla 3.7 |
||
mozilla bugzilla 3.7.1 |
||
mozilla bugzilla 2.20.2 |
||
mozilla bugzilla 2.20.3 |
||
mozilla bugzilla 2.21 |
||
mozilla bugzilla 2.21.1 |
||
mozilla bugzilla 2.22.6 |
||
mozilla bugzilla 2.22.7 |
||
mozilla bugzilla 2.6 |
||
mozilla bugzilla 2.19.2 |
||
mozilla bugzilla 2.19.3 |
||
mozilla bugzilla 2.20.6 |
||
mozilla bugzilla 2.20.7 |
||
mozilla bugzilla 2.22.1 |
||
mozilla bugzilla 2.22.3 |
||
mozilla bugzilla 2.23.1 |
||
mozilla bugzilla 2.23.2 |
||
mozilla bugzilla 2.23.3 |
||
mozilla bugzilla 3.0.0 |
||
mozilla bugzilla 3.0.1 |
||
mozilla bugzilla 3.0.6 |
||
mozilla bugzilla 3.0.7 |
||
mozilla bugzilla 3.2.3 |
||
mozilla bugzilla 3.2.2 |
||
mozilla bugzilla 3.3.2 |
||
mozilla bugzilla 3.3.3 |
||
mozilla bugzilla 3.4.6 |
||
mozilla bugzilla 3.4.7 |
||
mozilla bugzilla 3.7.2 |
||
mozilla bugzilla 2.8 |
||
mozilla bugzilla 3.0.2 |
||
mozilla bugzilla 3.0.3 |
||
mozilla bugzilla 3.1.0 |
||
mozilla bugzilla 3.1.3 |
||
mozilla bugzilla 3.2.6 |
||
mozilla bugzilla 3.4.2 |
||
mozilla bugzilla 3.4.3 |
||
mozilla bugzilla 3.5.3 |
||
mozilla bugzilla 3.6 |
||
mozilla bugzilla 3.6.1 |
||
mozilla bugzilla 2.2 |
||
mozilla bugzilla 2.20 |
||
mozilla bugzilla 2.20.1 |
||
mozilla bugzilla 2.22.4 |
||
mozilla bugzilla 2.22.5 |
||
mozilla bugzilla 2.23.4 |
||
mozilla bugzilla 2.4 |
||
mozilla bugzilla 3.0.10 |
||
mozilla bugzilla 3.0.11 |
||
mozilla bugzilla 3.0.8 |
||
mozilla bugzilla 3.0.9 |
||
mozilla bugzilla 3.2 |
||
mozilla bugzilla 3.1.2 |
||
mozilla bugzilla 3.3.4 |
||
mozilla bugzilla 3.4.1 |
||
mozilla bugzilla 3.5.1 |
||
mozilla bugzilla 3.5.2 |