Vulnerability CVE-2015-4499


Published: 2015-09-13   Modified: 2016-12-21

Description:
Util.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.15, 4.3.x and 4.4.x before 4.4.10, and 5.x before 5.0.1 mishandles long e-mail addresses during account registration, which allows remote attackers to obtain the default privileges for an arbitrary domain name by placing that name in a substring of an address, as demonstrated by truncation of an @mozilla.com.example.com address to an @mozilla.com address.

Vendor: Mozilla
Product: Bugzilla 
Version:
5.0
4.4.9
4.4.8
4.4.7
4.4.6
4.4.5
4.4.4
4.4.3
4.4.2
4.4.1
4.4
4.3.3
4.3.2
4.3.1
4.3
4.2.9
4.2.8
4.2.7
4.2.6
4.2.5
4.2.4
4.2.3
4.2.2
4.2.14
4.2.13
4.2.12
4.2.11
4.2.1
4.2
4.1.3
4.1.2
4.1.1
4.1
4.0.9
4.0.8
4.0.7
4.0.6
4.0.5
4.0.4
4.0.3
4.0.2
4.0.16
4.0.13
4.0.12
4.0.11
4.0.10
4.0.1
4.0
3.7.3
3.7.2
3.7.1
3.7
3.6.9
3.6.8
3.6.7
3.6.6
3.6.5
3.6.4
3.6.3
3.6.2
3.6.13
3.6.12
3.6.11
3.6.10
3.6.1
3.6.0
3.6
3.5.3
3.5.2
3.5.1
3.5
3.4.9
3.4.8
3.4.7
3.4.6
3.4.5
3.4.4
3.4.3
3.4.2
3.4.13
3.4.12
3.4.11
3.4.10
3.4.1
3.4
3.3.4
3.3.3
3.3.2
3.3.1
3.3
3.2.9
3.2.8
3.2.7
3.2.6
3.2.5
3.2.4
3.2.3
3.2.2
3.2.10
3.2.1
See more versions on NVD

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168725.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169946.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169983.html
http://packetstormsecurity.com/files/133578/Bugzilla-Unauthorized-Account-Creation.html
http://seclists.org/bugtraq/2015/Sep/48
http://seclists.org/bugtraq/2015/Sep/49
http://www.securitytracker.com/id/1033542
https://bug1202447.bmoattachments.org/attachment.cgi?id=8657861
https://bugzilla.mozilla.org/show_bug.cgi?id=1202447

Related CVE
CVE-2007-5341
Remote code execution in the Venkman script debugger in Mozilla Firefox before 2.0.0.8.
CVE-2017-7502
Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker.
CVE-2017-5461
Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other i...
CVE-2016-2803
Cross-site scripting (XSS) vulnerability in the dependency graphs in Bugzilla 2.16rc1 through 4.4.11, and 4.5.1 through 5.0.2 allows remote attackers to inject arbitrary web script or HTML.
CVE-2016-5284
Mozilla Firefox before 49.0 and Firefox ESR 45.x before 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificat...
CVE-2016-5282
Mozilla Firefox before 49.0 does not properly restrict the scheme in favicon requests, which might allow remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by a jar: URL for a favicon resource.
CVE-2016-5283
Mozilla Firefox before 49.0 allows remote attackers to bypass the Same Origin Policy via a crafted fragment identifier in the SRC attribute of an IFRAME element, leading to insufficient restrictions on link-color information after a document is resiz...
CVE-2016-5280
Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0 and Firefox ESR 45.x before 45.4 allows remote attackers to execute arbitrary code via bidirectional text.

Copyright 2017, cxsecurity.com

 

Back to Top