{ "schema_version": "1.7.0", "id": "MGASA-2014-0199", "published": "2014-05-02T17:50:55Z", "modified": "2014-05-02T17:50:50Z", "summary": "Updated bugzilla package fixes multiple vulnerabilities", "details": "Updated bugzilla packages fix security vulnerabilities:\n\nCross-site request forgery (CSRF) vulnerability in process_bug.cgi\nin Bugzilla 4.4.x before 4.4.1 allows remote attackers to hijack the\nauthentication of arbitrary users for requests that modify bugs via\nvectors involving a midair-collision token (CVE-2013-1733).\n\nCross-site request forgery (CSRF) vulnerability in attachment.cgi in\nBugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before\n4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to\nhijack the authentication of arbitrary users for requests that commit\nan attachment change via an update action (CVE-2013-1734).\n\nMultiple cross-site scripting (XSS) vulnerabilities in\neditflagtypes.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11;\n4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allow\nremote attackers to inject arbitrary web script or HTML via the (1)\nid or (2) sortkey parameter (CVE-2013-1742).\n\nMultiple cross-site scripting (XSS) vulnerabilities in report.cgi\nin Bugzilla 4.1.x and 4.2.x before 4.2.7 and 4.3.x and 4.4.x before\n4.4.1 allow remote attackers to inject arbitrary web script or HTML\nvia a field value that is not properly handled during construction\nof a tabular report, as demonstrated by the (1) summary or (2) real\nname field. NOTE: this issue exists because of an incomplete fix\nfor CVE-2012-4189 (CVE-2013-1743).\n\nThe login form in Bugzilla 2.x, 3.x, 4.x before 4.4.3, and 4.5.x before\n4.5.3 does not properly handle a correctly authenticated but unintended\nlogin attempt, which makes it easier for remote authenticated users to\nobtain sensitive information by arranging for a victim to login to the\nattacker's account and then submit a vulnerability report, related to a\n\"login CSRF\" issue (CVE-2014-1517).\n", "upstream": [ "CVE-2013-1733", "CVE-2013-1734", "CVE-2013-1743", "CVE-2013-1742", "CVE-2014-1517" ], "references": [ { "type": "ADVISORY", "url": "https://advisories.mageia.org/MGASA-2014-0199.html" }, { "type": "WEB", "url": "http://www.bugzilla.org/security/4.0.10/" }, { "type": "WEB", "url": "http://www.bugzilla.org/security/4.0.11/" }, { "type": "WEB", "url": "http://www.bugzilla.org/releases/4.4.4/release-notes.html" }, { "type": "ADVISORY", "url": "http://www.mandriva.com/en/support/security/advisories/mbs1/MDVSA-2013:285/" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/pipermail/package-announce/2014-April/132309.html" }, { "type": "REPORT", "url": "https://bugs.mageia.org/show_bug.cgi?id=10897" } ], "affected": [ { "package": { "ecosystem": "Mageia:3", "name": "bugzilla", "purl": "pkg:rpm/mageia/bugzilla?arch=source&distro=mageia-3" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "4.4.4-1.1.mga3" } ] } ], "ecosystem_specific": { "section": "core" } } ], "credits": [ { "name": "Mageia", "type": "COORDINATOR", "contact": [ "https://wiki.mageia.org/en/Packages_Security_Team" ] } ] }