CVE-2009-3165

Priority
Medium
Description
SQL injection vulnerability in the Bug.create WebService function in
Bugzilla 2.23.4 through 3.0.8, 3.1.1 through 3.2.4, and 3.3.1 through 3.4.1
allows remote attackers to execute arbitrary SQL commands via unspecified
parameters.
References
Package
Upstream:needs-triage
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (3.2.5.0-1)
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:36:42 UTC (commit 9756)