← volver
CVE-2011-2381

CVE-2011-2381

EPSS 1.5%
CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to inject arbitrary e-mail headers via an attachment description in a flagmail notification.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://bugzilla.mozilla.org/show_bug.cgi?id=657158http://secunia.com/advisories/45501https://exchange.xforce.ibmcloud.com/vulnerabilities/69035http://www.bugzilla.org/security/3.4.11/http://www.debian.org/security/2011/dsa-2322http://www.osvdb.org/74300http://www.securityfocus.com/bid/49042