|Date: (C)2010-08-16 (M)2015-12-16|
|CVSS Score: 4.0||Access Vector: NETWORK|
|Exploitability Subscore: 8.0||Access Complexity: LOW|
|Impact Subscore: 2.9||Authentication: SINGLE_INSTANCE|
| ||Confidentiality: NONE|
| ||Integrity: NONE|
| ||Availability: PARTIAL|
Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2, when PostgreSQL is used, does not properly handle large integers in (1) bug and (2) attachment phrases, which allows remote authenticated users to cause a denial of service (bug invisibility) via a crafted comment.