← Back

CVE-2003-1044

nvd nist
Published: Aug 18, 2004Modified: Apr 16, 2026

JSON object

Loading...
7.5
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 10.0 / Impact: 6.4
Source: NVD

Description

editproducts.cgi in Bugzilla 2.16.3 and earlier, when usebuggroups is enabled, does not properly remove group add privileges from a group that is being deleted, which allows users with those privileges to perform unauthorized additions to the next group that is assigned with the original group ID.

Affected (18)

Products: Mozilla: Bugzilla
Mozilla
1 product
Bugzilla
Configuration A
18 vulnerable
Vulnerable SoftwareAffected Versions
Mozilla
Bugzilla
Version 2.10
Bugzilla
Version 2.12
Bugzilla
Version 2.14.1
Bugzilla
Version 2.14.2
Bugzilla
Version 2.14.3
Bugzilla
Version 2.14.4
Bugzilla
Version 2.14.5
Bugzilla
Version 2.14
Bugzilla
Version 2.16.1
Bugzilla
Version 2.16.2
Bugzilla
Version 2.16.3
Bugzilla
Version 2.16
Bugzilla
Version 2.17.1
Bugzilla
Version 2.17.3
Bugzilla
Version 2.17.4
Bugzilla
Version 2.4
Bugzilla
Version 2.6
Bugzilla
Version 2.8

References (10)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.