Test ID:	1.3.6.1.4.1.25623.1.0.100892
Category:	Web application abuses
Title:	Bugzilla Response Splitting and Security Bypass Vulnerabilities
Summary:	Bugzilla is prone to a response-splitting vulnerability and a security-; bypass vulnerability.
Description:	Summary: Bugzilla is prone to a response-splitting vulnerability and a security- bypass vulnerability. Vulnerability Impact: Successfully exploiting these issues may allow an attacker to: - bypass certain security restrictions - obtain sensitive information - influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to install client users with a false sense of trust. Affected Software/OS: These issues affect versions prior to 3.2.9, 3.4.9, and 3.6.3. Solution: Updates are available. Please see the references for more information. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3172 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050830.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050820.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050813.html http://www.securitytracker.com/id?1024683 http://secunia.com/advisories/42271 http://www.vupen.com/english/advisories/2010/2878 http://www.vupen.com/english/advisories/2010/2975 Common Vulnerability Exposure (CVE) ID: CVE-2010-3764 XForce ISS Database: bugzilla-graphs-info-disclosure(62969) https://exchange.xforce.ibmcloud.com/vulnerabilities/62969
Copyright	Copyright (C) 2010 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.