Vulnerability Details CVE-2002-0808
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when performing a mass change, sets the groupset of all bugs to the groupset of the first bug, which could inadvertently cause insecure groupset permissions to be assigned to some bugs.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/bugtraq/2002-06/0054.html
- http://bugzilla.mozilla.org/show_bug.cgi?id=107718
- http://www.iss.net/security_center/static/9305.php
- http://www.redhat.com/support/errata/RHSA-2002-109.html
- http://www.securityfocus.com/bid/4964
- http://archives.neohapsis.com/archives/bugtraq/2002-06/0054.html
- http://bugzilla.mozilla.org/show_bug.cgi?id=107718
- http://www.iss.net/security_center/static/9305.php
- http://www.redhat.com/support/errata/RHSA-2002-109.html
- http://www.securityfocus.com/bid/4964