CVE-2009-3165
Priority
Medium
Description
SQL injection vulnerability in the Bug.create WebService function in
Bugzilla 2.23.4 through 3.0.8, 3.1.1 through 3.2.4, and 3.3.1 through 3.4.1
allows remote attackers to execute arbitrary SQL commands via unspecified
parameters.
Bugzilla 2.23.4 through 3.0.8, 3.1.1 through 3.2.4, and 3.3.1 through 3.4.1
allows remote attackers to execute arbitrary SQL commands via unspecified
parameters.
Package
| Upstream: | needs-triage |
| Ubuntu 8.04 LTS (Hardy Heron): | ignored (reached end-of-life) |
| Ubuntu 10.04 LTS (Lucid Lynx): | not-affected (3.2.5.0-1) |
| Ubuntu 11.04 (Natty Narwhal): | not-affected (3.2.5.0-1) |
| Ubuntu 11.10 (Oneiric Ocelot): | not-affected (3.2.5.0-1) |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected (3.2.5.0-1) |