CVE-2002-0806

Published: Aug 12, 2002Modified: Apr 16, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows authenticated users with editing privileges to delete other users by directly calling the editusers.cgi script with the "del" option.

Affected (4)

Products: Mozilla: Bugzilla

Mozilla

1 product

Bugzilla

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Mozilla Bugzilla	Version 2.14.1
Mozilla Bugzilla	Version 2.14
Mozilla Bugzilla	Version 2.16
Mozilla Bugzilla	Version 2.16 rc1

References (12)

http://archives.neohapsis.com/archives/bugtraq/2002-06/0054.html

Source: cve@mitre.org

PatchVendor Advisory

http://bugzilla.mozilla.org/show_bug.cgi?id=141557

Source: cve@mitre.org

http://www.iss.net/security_center/static/9303.php

Source: cve@mitre.org

http://www.osvdb.org/5080

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2002-109.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/4964

Source: cve@mitre.org

http://archives.neohapsis.com/archives/bugtraq/2002-06/0054.html