[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248364

 
 

909

 
 

195388

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-1572Date: (C)2014-10-13   (M)2023-12-22


The confirm_create_account function in the account-creation feature in token.cgi in Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 does not specify a scalar context for the realname parameter, which allows remote attackers to create accounts with unverified e-mail addresses by sending three realname values with realname=login_name as the second, as demonstrated by selecting an e-mail address with a domain name for which group privileges are automatically granted.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: NONE
  
Reference:
SECTRACK-1030978
FEDORA-2014-12530
FEDORA-2014-12584
FEDORA-2014-12591
GLSA-201607-11
MDVSA-2014:200
http://openwall.com/lists/oss-security/2014/10/07/20
http://advisories.mageia.org/MGASA-2014-0412.html
http://blog.gerv.net/2014/10/new-class-of-vulnerability-in-perl-web-applications/
http://packetstormsecurity.com/files/128578/Bugzilla-Account-Creation-XSS-Information-Leak.html
http://www.bugzilla.org/security/4.0.14/
http://www.opennet.ru/opennews/art.shtml?num=40766
http://www.reddit.com/r/netsec/comments/2ihen0/new_class_of_vulnerability_in_perl_web/
https://bugzilla.mozilla.org/show_bug.cgi?id=1074812

CPE    202
cpe:/a:mozilla:bugzilla:2.22:rc1
cpe:/a:mozilla:bugzilla:2.14.2
cpe:/a:mozilla:bugzilla:2.14.1
cpe:/a:mozilla:bugzilla:4.0:rc1
...
CWE    1
CWE-264
OVAL    3
oval:org.secpod.oval:def:107842
oval:org.secpod.oval:def:107843
oval:org.secpod.oval:def:108425

© SecPod Technologies