CVE-2009-0484
Published Feb 9, 2009
Last updated 16 years ago
Overview
- Description
- Cross-site request forgery (CSRF) vulnerability in Bugzilla 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete shared or saved searches via a link or IMG tag to buglist.cgi.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5.8
- Impact score
- 4.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-352
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:bugzilla:3.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "45C36666-518F-4956-816A-940930425955"
},
{
"criteria": "cpe:2.3:a:mozilla:bugzilla:3.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FF2DF96F-E45E-45AF-85E5-E939F923EC1B"
},
{
"criteria": "cpe:2.3:a:mozilla:bugzilla:3.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "80EBAA09-F2C8-445E-8E3A-B5F937E1B1E2"
},
{
"criteria": "cpe:2.3:a:mozilla:bugzilla:3.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "11C6713F-01ED-4AE9-AE42-89926067E6E6"
},
{
"criteria": "cpe:2.3:a:mozilla:bugzilla:3.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7AB5010D-37A3-4B6E-92B6-6F41A3708851"
},
{
"criteria": "cpe:2.3:a:mozilla:bugzilla:3.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EEB09719-122F-4D25-B680-18029D5D9DE9"
},
{
"criteria": "cpe:2.3:a:mozilla:bugzilla:3.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AF585D92-9FAF-4858-A956-68AF77227333"
},
{
"criteria": "cpe:2.3:a:mozilla:bugzilla:3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F248EA4D-1A39-40FD-8D3C-9701D36FD6B1"
},
{
"criteria": "cpe:2.3:a:mozilla:bugzilla:3.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B2962084-F778-4574-8105-8C5A260CCBD7"
}
],
"operator": "OR"
}
]
}
]