Mozilla Bugzilla Vulnerabilidad

Cronología

Versión

2.1444
2.14.140
2.1636
2.17.134
2.830

Contramedidas

Official Fix118
Temporary Fix0
Workaround0
Unavailable0
Not Defined20

Explotabilidad

High2
Functional0
Proof-of-Concept48
Unproven6
Not Defined82

Vector de acceso

Not Defined0
Physical0
Local12
Adjacent2
Network124

Autenticación

Not Defined0
High2
Low10
None126

La interacción del usuario

Not Defined0
Required32
None106

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤414
≤522
≤640
≤712
≤844
≤90
≤106

CVSSv3 Temp

≤10
≤20
≤30
≤424
≤530
≤634
≤742
≤82
≤90
≤106

VulDB

≤10
≤20
≤30
≤414
≤522
≤640
≤712
≤844
≤90
≤106

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Proveedor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Explotar día 0

<1k0
<2k0
<5k6
<10k44
<25k88
<50k0
<100k0
≥100k0

Explotar hoy

<1k126
<2k4
<5k4
<10k4
<25k0
<50k0
<100k0
≥100k0

Explotar el volumen del mercado

🔴 CTI Ocupaciones

Affected Versions (169): 2.0, 2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 2.8, 2.9, 2.10, 2.11, 2.12, 2.13, 2.14, 2.14.1, 2.14.2, 2.14.3, 2.14.4, 2.14.5, 2.15, 2.16, 2.16.1, 2.16.2, 2.16.3, 2.16.4, 2.16.5, 2.16.6, 2.16.7, 2.16.8, 2.16.9, 2.16.11, 2.17, 2.17.1, 2.17.2, 2.17.3, 2.17.4, 2.17.5, 2.17.6, 2.17.7, 2.18, 2.18.1, 2.18.2, 2.18.3, 2.18.4, 2.18.5, 2.19, 2.19.1, 2.19.2, 2.19.3, 2.20, 2.20.1, 2.20.2, 2.20.3, 2.20.4, 2.21, 2.21.1, 2.21.2, 2.22, 2.22.1, 2.22.2, 2.22.3, 2.22.4, 2.23, 2.23.1, 2.23.2, 2.23.3, 2.23.4, 3, 3.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.1, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.2, 3.2.1, 3.2.2, 3.2.3, 3.2.4, 3.3, 3.3.1, 3.3.2, 3.3.3, 3.3.4, 3.4, 3.4.1, 3.4.2, 3.4.3, 3.4.4, 3.5, 3.5.1, 3.5.2, 3.5.3, 3.6, 3.6.1, 3.6.2, 3.6.3, 3.6.4, 3.6.5, 3.6.6, 3.6.7, 3.6.8, 3.6.9, 3.7, 3.7.1, 3.7.2, 3.7.3, 4, 4.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7, 4.0.8, 4.0.9, 4.0.11, 4.0.12, 4.0.13, 4.1, 4.1.1, 4.1.2, 4.1.3, 4.2, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 4.2.5, 4.2.6, 4.2.7, 4.2.8, 4.2.9, 4.2.11, 4.2.12, 4.2.13, 4.2.14, 4.3, 4.3.1, 4.3.2, 4.3.3, 4.4, 4.4.1, 4.4.2, 4.4.3, 4.4.4, 4.4.5, 4.4.6, 4.4.7, 4.4.8, 4.4.9, 4.4rc1, 4.5, 4.5.1, 4.5.2, 4.5.3, 4.5.4, 5.0

Link to Product Website: https://www.mozilla.org/

Tipo de software: Bug Tracking Software

Fecha de publicaciónBaseTempVulnerabilidad0dayHoyExpConCTICVE
2015-09-107.36.4Mozilla Bugzilla Email Address Util.pm escalada de privilegios$5k-$25k$0-$5kUnprovenOfficial Fix0.00CVE-2015-4499
2015-02-016.36.0Mozilla Bugzilla escalada de privilegios$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2014-8630
2014-10-064.34.1Mozilla Bugzilla cross site scripting$5k-$25k$0-$5kHighOfficial Fix0.00CVE-2014-1573
2014-10-065.34.6Mozilla Bugzilla Account Creation escalada de privilegios$5k-$25k$0-$5kUnprovenOfficial Fix0.02CVE-2014-1572
2014-10-065.34.6Mozilla Bugzilla Comment divulgación de información$5k-$25k$0-$5kUnprovenOfficial Fix0.00CVE-2014-1571
2014-07-244.34.1Mozilla Bugzilla JSONP Endpoint cross site request forgery$5k-$25k$0-$5kHighOfficial Fix0.02CVE-2014-1546
2014-04-185.34.8Mozilla Bugzilla Data Display autenticación débil$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.02CVE-2014-1517
2013-10-174.33.9Mozilla Bugzilla cross site scripting$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.00CVE-2013-1743
2013-10-176.35.7Mozilla Bugzilla editflagtypes.cgi cross site scripting$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.00CVE-2013-1742
2013-10-175.44.9Mozilla Bugzilla CSRF Token process_bug.cgi cross site request forgery$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.00CVE-2013-1733
2013-10-175.44.9Mozilla Bugzilla CSRF Token attachment.cgi cross site request forgery$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.00CVE-2013-1734
2013-02-244.34.1Mozilla Bugzilla Error Message build_subselect divulgación de información$5k-$25kCalculadorNot DefinedOfficial Fix0.04CVE-2013-0786
2012-11-164.34.3Mozilla Bugzilla swfstore.swf cross site scripting$5k-$25k$0-$5kNot DefinedNot Defined0.05CVE-2012-5883
2012-09-045.35.3Mozilla Bugzilla escalada de privilegios$5k-$25k$5k-$25kNot DefinedNot Defined0.00CVE-2012-4747
2012-08-306.55.9Mozilla Bugzilla Username Parser search escalada de privilegios$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.00CVE-2012-3981
2012-08-304.33.9Mozilla Bugzilla Extension Directory Browser escalada de privilegios$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.00CVE-2012-3981
2012-07-265.34.8Mozilla Bugzilla escalada de privilegios$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.00CVE-2012-1969
2012-07-265.34.8Mozilla Bugzilla escalada de privilegios$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.02CVE-2012-1968
2012-04-135.95.3Mozilla Bugzilla JavaScript Template buglist.cgi escalada de privilegios$5k-$25kCalculadorProof-of-ConceptOfficial Fix0.02CVE-2012-0466
2012-02-246.36.3Mozilla Bugzilla mod_perl xmlrpc.cgi cross site request forgery$5k-$25k$0-$5kNot DefinedNot Defined0.00CVE-2012-0453
2012-02-187.56.7Mozilla Bugzilla X-Forwarded-For Header escalada de privilegios$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.02CVE-2012-0465
2012-02-024.34.1Mozilla Bugzilla User Account escalada de privilegios$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2012-0448
2012-02-026.36.0Mozilla Bugzilla jsonrpc.cgi cross site request forgery$5k-$25kCalculadorNot DefinedOfficial Fix0.00CVE-2012-0440
2012-01-026.36.0Mozilla Bugzilla attachment.cgi cross site request forgery$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2011-3669
2012-01-026.36.0Mozilla Bugzilla post_bug.cgi cross site request forgery$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2011-3668

113 no se muestran más entradas

más entradas por Mozilla

Interested in the pricing of exploits?

See the underground prices here!