CVE-2002-0808

Published: Aug 12, 2002Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when performing a mass change, sets the groupset of all bugs to the groupset of the first bug, which could inadvertently cause insecure groupset permissions to be assigned to some bugs.

Affected (4)

Products: Mozilla: Bugzilla

Mozilla

1 product

Bugzilla

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Mozilla Bugzilla	Version 2.14.1
Mozilla Bugzilla	Version 2.14
Mozilla Bugzilla	Version 2.16
Mozilla Bugzilla	Version 2.16 rc1

References (10)

http://archives.neohapsis.com/archives/bugtraq/2002-06/0054.html

Source: cve@mitre.org

PatchVendor Advisory

http://bugzilla.mozilla.org/show_bug.cgi?id=107718

Source: cve@mitre.org

http://www.iss.net/security_center/static/9305.php

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2002-109.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/4964

Source: cve@mitre.org

http://archives.neohapsis.com/archives/bugtraq/2002-06/0054.html