CVE-2010-2759

EUVD-2010-2763
Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2, when PostgreSQL is used, does not properly handle large integers in (1) bug and (2) attachment phrases, which allows remote authenticated users to cause a denial of service (bug invisibility) via a crafted comment.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
Affected Products (NVD)
VendorProductVersion
mozillabugzilla
2.4
mozillabugzilla
2.6
mozillabugzilla
2.8
mozillabugzilla
2.9
mozillabugzilla
2.23.1
mozillabugzilla
2.23.2
mozillabugzilla
2.23.3
mozillabugzilla
2.23.4
mozillabugzilla
3.0
mozillabugzilla
3.0:rc1
mozillabugzilla
3.0.0
mozillabugzilla
3.0.1
mozillabugzilla
3.0.2
mozillabugzilla
3.0.3
mozillabugzilla
3.0.4
mozillabugzilla
3.0.5
mozillabugzilla
3.0.6
mozillabugzilla
3.0.7
mozillabugzilla
3.0.8
mozillabugzilla
3.0.9
mozillabugzilla
3.0.10
mozillabugzilla
3.0.11
mozillabugzilla
3.1.0
mozillabugzilla
3.1.1
mozillabugzilla
3.1.2
mozillabugzilla
3.1.3
mozillabugzilla
3.2
mozillabugzilla
3.2.2
mozillabugzilla
3.2.3
mozillabugzilla
3.2.4
mozillabugzilla
3.2.5
mozillabugzilla
3.2.6
mozillabugzilla
3.2.7
mozillabugzilla
3.3.1
mozillabugzilla
3.3.2
mozillabugzilla
3.3.3
mozillabugzilla
3.3.4
mozillabugzilla
3.4.1
mozillabugzilla
3.4.2
mozillabugzilla
3.4.3
mozillabugzilla
3.4.4
mozillabugzilla
3.4.5
mozillabugzilla
3.4.6
mozillabugzilla
3.4.7
mozillabugzilla
3.5.1
mozillabugzilla
3.5.2
mozillabugzilla
3.5.3
mozillabugzilla
3.6
mozillabugzilla
3.6.1
mozillabugzilla
3.7
mozillabugzilla
3.7.1
mozillabugzilla
3.7.2
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
bugzilla
dapper
ignored
hardy
ignored
jaunty
ignored
karmic
ignored
lucid
ignored
maverick
not-affected
natty
not-affected
oneiric
not-affected
precise
dne
quantal
dne
raring
dne
saucy
dne
Common Weakness Enumeration
References
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046518.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046534.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046546.html
http://secunia.com/advisories/40892
http://secunia.com/advisories/41128
http://www.bugzilla.org/security/3.2.7/
http://www.securityfocus.com/bid/42275
http://www.vupen.com/english/advisories/2010/2035
http://www.vupen.com/english/advisories/2010/2205
https://bugzilla.mozilla.org/show_bug.cgi?id=583690
https://bugzilla.redhat.com/show_bug.cgi?id=623423
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046518.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046534.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046546.html
http://secunia.com/advisories/40892
http://secunia.com/advisories/41128
http://www.bugzilla.org/security/3.2.7/
http://www.securityfocus.com/bid/42275
http://www.vupen.com/english/advisories/2010/2035
http://www.vupen.com/english/advisories/2010/2205
https://bugzilla.mozilla.org/show_bug.cgi?id=583690
https://bugzilla.redhat.com/show_bug.cgi?id=623423