Vulnerabilities

CVE-2003-1044

by Fred · 03/06/2004

editproducts.cgi in Bugzilla 2.16.3 and earlier, when usebuggroups is enabled, does not properly remove group add privileges from a group that is being deleted, which allows users with those privileges to perform unauthorized additions to the next group that is assigned with the original group ID.

Date published : 2004-06-03

http://www.securityfocus.com/bid/8953

http://www.securityfocus.com/archive/1/343185

Similar

Tags: Cybersecurity Alert