CVE Vulnerabilities

CVE-2001-1406

Published: Sep 10, 2001 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

process_bug.cgi in Bugzilla before 2.14 does not set the groupset bit when a bug is moved between product groups, which will cause the bug to have the old groups restrictions, which might not be as stringent.

Affected Software

Name Vendor Start Version End Version
Bugzilla Mozilla 2.4 2.4
Bugzilla Mozilla 2.6 2.6
Bugzilla Mozilla 2.8 2.8
Bugzilla Mozilla 2.10 2.10
Bugzilla Mozilla 2.12 2.12
Bugzilla Mozilla 2.14 2.14

References