|Date: (C)2010-08-16 (M)2015-12-16|| |
Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2, when PostgreSQL is used, does not properly handle large integers in (1) bug and (2) attachment phrases, which allows remote authenticated users to cause a denial of service (bug invisibility) via a crafted comment.
|CVSS Score: 4.0||Access Vector: NETWORK|
|Exploit Score: 8.0||Access Complexity: LOW|
|Impact Score: 2.9||Authentication: SINGLE_INSTANCE|
| ||Confidentiality: NONE|
| ||Integrity: NONE|
| ||Availability: PARTIAL|