SQL injection vulnerability in the Bug.create WebService function in Bugzilla 2.23.4 through 3.0.8, 3.1.1 through 3.2.4, and 3.3.1 through 3.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
DSA-1913-1 | New bugzilla packages fix SQL injection |
![]() |
EUVD-2009-3148 | SQL injection vulnerability in the Bug.create WebService function in Bugzilla 2.23.4 through 3.0.8, 3.1.1 through 3.2.4, and 3.3.1 through 3.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-09-16T17:43:12.635Z
Reserved: 2009-09-11T00:00:00Z
Link: CVE-2009-3165

No data.

Status : Deferred
Published: 2009-09-15T22:30:00.377
Modified: 2025-04-09T00:30:58.490
Link: CVE-2009-3165

No data.

No data.