CVE-2012-0448 in Bugzillainfo

Summary

Bugzilla 2.x and 3.x before 3.4.14, 3.5.x and 3.6.x before 3.6.8, 3.7.x and 4.0.x before 4.0.4, and 4.1.x and 4.2.x before 4.2rc2 does not reject non-ASCII characters in e-mail addresses of new user accounts, which makes it easier for remote authenticated users to spoof other user accounts by choosing a similar e-mail address.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

01/09/2012

Disclosure

02/02/2012

Moderation

VulDB entry created

Entries

1: VDB-60091

CPE

ready

CWE

CWE-20 (Confirmed)

CVSS

4.3

EPSS

0.00364

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-0448
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-0448
CVE Details	https://www.cvedetails.com/cve/CVE-2012-0448/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!