CVE-2012-3981 in Mozilla Bugzillainfo

Summary

Auth/Verify/LDAP.pm in Bugzilla 2.x and 3.x before 3.6.11, 3.7.x and 4.0.x before 4.0.8, 4.1.x and 4.2.x before 4.2.3, and 4.3.x before 4.3.3 does not restrict the characters in a username, which might allow remote attackers to inject data into an LDAP directory via a crafted login attempt.

Reservation

07/11/2012

Disclosure

09/04/2012

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
6084	Mozilla Bugzilla Username search credentials management	255	Proof-of-Concept	Official fix	CVE-2012-3981
6082	Mozilla Bugzilla Extension Directory Browser credentials management	255	Proof-of-Concept	Official fix	CVE-2012-3981

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!