Candidate: CVE-2009-3125
PublicDate: 2009-09-15 22:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3125
Description:
 SQL injection vulnerability in the Bug.search WebService function in
 Bugzilla 3.3.2 through 3.4.1, and 3.5, allows remote attackers to execute
 arbitrary SQL commands via unspecified parameters.
Ubuntu-Description:
Notes:
 jdstrand> only 3.3.2 through 3.4.1 are affected
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_bugzilla:
upstream_bugzilla: pending (3.4.2)
dapper_bugzilla: not-affected (2.20-1)
hardy_bugzilla: not-affected
intrepid_bugzilla: not-affected
jaunty_bugzilla: not-affected
devel_bugzilla: not-affected (3.2.4.0-3ubuntu1)