Authentication Bypass in Bugzilla Affects LDAP Usernames
CVE-2012-3981

Currently unrated

Key Information:

Vendor

Mozilla
Status
Bugzilla
Vendor
CVE Published:
4 September 2012

What is CVE-2012-3981?

The vulnerability exists in the Auth/Verify/LDAP.pm component of Bugzilla, where insufficient character restrictions on usernames allow attackers to launch crafted login attempts that could manipulate an LDAP directory. This flaw exposes the system to potential data integrity risks as malicious users may exploit it to inject unauthorized data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://osvdb.org/85072
vdb-entryx_refsource_OSVDB
https://bugzilla.mozilla.org/show_bug.cgi?id=785470
x_refsource_CONFIRM
http://www.bugzilla.org/security/3.6.10/
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.