CVE-2009-0482
Published: 9 February 2009
Cross-site request forgery (CSRF) vulnerability in Bugzilla before 3.2 before 3.2.1, 3.3 before 3.3.2, and other versions before 3.2 allows remote attackers to perform bug updating activities as other users via a link or IMG tag to process_bug.cgi.
Priority
Status
Package | Release | Status |
---|---|---|
bugzilla Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
gutsy |
Ignored
(end of life, was needed)
|
|
hardy |
Ignored
(end of life)
|
|
intrepid |
Ignored
(end of life, was needed)
|
|
jaunty |
Ignored
(end of life)
|
|
karmic |
Not vulnerable
(3.2.4.0-3)
|
|
lucid |
Not vulnerable
(3.2.4.0-3)
|
|
maverick |
Not vulnerable
(3.2.4.0-3)
|
|
natty |
Not vulnerable
(3.2.4.0-3)
|
|
oneiric |
Not vulnerable
(3.2.4.0-3)
|
|
upstream |
Released
(3.2.4.0-3)
|