← voltar
CVE-2011-2381

CVE-2011-2381

EPSS 1.5%
CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to inject arbitrary e-mail headers via an attachment description in a flagmail notification.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://bugzilla.mozilla.org/show_bug.cgi?id=657158http://secunia.com/advisories/45501https://exchange.xforce.ibmcloud.com/vulnerabilities/69035http://www.bugzilla.org/security/3.4.11/http://www.debian.org/security/2011/dsa-2322http://www.osvdb.org/74300http://www.securityfocus.com/bid/49042