Vulnerabilities

CVE-2011-2381

by Fred · 09/08/2011

CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to inject arbitrary e-mail headers via an attachment description in a flagmail notification.

Date published : 2011-08-09

http://www.securityfocus.com/bid/49042

http://www.bugzilla.org/security/3.4.11/

Similar

Tags: Cybersecurity Alert