what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from Simon Green

Bugzilla Account Creation / XSS / Information Leak

Posted Oct 7, 2014

Authored by Frederic Buclin, Byron Jones, David Lawrence, Netanel Rubin, Simon Green, James Kettle, Matt Tyson | Site bugzilla.org

Bugzilla Security Advisory - Bugzilla versions 2.23.3 to 4.0.14, 4.1.1 to 4.2.10, 4.3.1 to 4.4.5, and 4.5.1 to 4.5.5 suffer from unauthorized account creation, cross site scripting, and information leak vulnerabilities.

tags | advisory, vulnerability, xss, info disclosure

advisories | CVE-2014-1571, CVE-2014-1572, CVE-2014-1573

SHA-256 | 0d0e7c27532f6562403faf6ddb1249c6fce16ba6525feadfe7c92217191a6748

Download | Favorite | View

Bugzilla 3.x / 4.x Cross Site Request Forgery

Posted Jul 25, 2014

Authored by Mario Gomes, Byron Jones, Reed Loden, Simon Green | Site bugzilla.org

Bugzilla Security Advisory - Bugzilla versions 3.7.1 to 4.0.13, 4.1.1 to 4.2.9, 4.3.1 to 4.4.4, and 4.5.1 to 4.5.4 suffer from a cross site request forgery vulnerability.

tags | advisory, csrf

advisories | CVE-2014-1546

SHA-256 | cd0337a3196b87e65a4382c3d46665e5a07957324bbe8fa092ed144b51893ab0

Download | Favorite | View