Candidate: CVE-2009-1213
PublicDate: 2009-04-01 10:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1213
Description:
 Cross-site request forgery (CSRF) vulnerability in attachment.cgi in
 Bugzilla 3.2 before 3.2.3, 3.3 before 3.3.4, and earlier versions allows
 remote attackers to hijack the authentication of arbitrary users for
 requests that use attachment editing.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_bugzilla:
upstream_bugzilla: released (3.2.4.0-3)
dapper_bugzilla: ignored (reached end-of-life)
gutsy_bugzilla: needed (reached end-of-life)
hardy_bugzilla: ignored (reached end-of-life)
intrepid_bugzilla: needed (reached end-of-life)
jaunty_bugzilla: ignored (reached end-of-life)
karmic_bugzilla: not-affected (3.2.4.0-3)
lucid_bugzilla: not-affected (3.2.4.0-3)
maverick_bugzilla: not-affected (3.2.4.0-3)
natty_bugzilla: not-affected (3.2.4.0-3)
oneiric_bugzilla: not-affected (3.2.4.0-3)
devel_bugzilla: not-affected (3.2.4.0-3)