CVE-2003-1043

Published: Aug 18, 2004Modified: Apr 16, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

SQL injection vulnerability in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote authenticated users with editkeywords privileges to execute arbitrary SQL via the id parameter to editkeywords.cgi.

Affected (18)

Products: Mozilla: Bugzilla

Mozilla

1 product

Bugzilla

Configuration A

18 vulnerable

Vulnerable Software	Affected Versions
Mozilla Bugzilla	Version 2.10
Mozilla Bugzilla	Version 2.12
Mozilla Bugzilla	Version 2.14.1
Mozilla Bugzilla	Version 2.14.2
Mozilla Bugzilla	Version 2.14.3
Mozilla Bugzilla	Version 2.14.4
Mozilla Bugzilla	Version 2.14.5
Mozilla Bugzilla	Version 2.14
Mozilla Bugzilla	Version 2.16.1
Mozilla Bugzilla	Version 2.16.2
Mozilla Bugzilla	Version 2.16.3
Mozilla Bugzilla	Version 2.16
Mozilla Bugzilla	Version 2.17.1
Mozilla Bugzilla	Version 2.17.3
Mozilla Bugzilla	Version 2.17.4
Mozilla Bugzilla	Version 2.4
Mozilla Bugzilla	Version 2.6
Mozilla Bugzilla	Version 2.8