Vulnerability Database

296,202

Total vulnerabilities in the database

CVE-2006-0914

Bugzilla 2.16.10, 2.17 through 2.18.4, and 2.20 does not properly handle certain characters in the mostfreqthreshold parameter in duplicates.cgi, which allows remote attackers to trigger a SQL error.

  • Published: Feb 28, 2006
  • Updated: Apr 13, 2023
  • CVE: CVE-2006-0914
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5.5
  • AV:N/AC:L/Au:S/C:N/I:P/A:P

CWEs:

Software From Fixed in
mozilla / bugzilla 2.17.6 2.17.6.x
mozilla / bugzilla 2.20-rc2 2.20-rc2.x
mozilla / bugzilla 2.20-rc1 2.20-rc1.x
mozilla / bugzilla 2.18-rc1 2.18-rc1.x
mozilla / bugzilla 2.17.4 2.17.4.x
mozilla / bugzilla 2.18.1 2.18.1.x
mozilla / bugzilla 2.17.5 2.17.5.x
mozilla / bugzilla 2.18.4 2.18.4.x
mozilla / bugzilla 2.18 2.18.x
mozilla / bugzilla 2.18.3 2.18.3.x
mozilla / bugzilla 2.17.7 2.17.7.x
mozilla / bugzilla 2.17 2.17.x
mozilla / bugzilla 2.18.2 2.18.2.x
mozilla / bugzilla 2.18-rc2 2.18-rc2.x
mozilla / bugzilla 2.16.10 2.16.10.x