2010-08-16 17:14:12 2010-09-08 07:48:51

Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2, when PostgreSQL is used, does not properly handle large integers in (1) bug and (2) attachment phrases, which allows remote authenticated users to cause a denial of service (bug invisibility) via a crafted comment.

Vector: NETWORK
Complexity: LOW
Authentication: SINGLE_INSTANCE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL

IBM Rational Requirements Composer 3.0.1.4
IBM Rational Requirements Composer 3.0.1.5
IBM Rational Quality Manager 3.0.1
IBM Rational Quality Manager 3.0.1.1
IBM Rational Quality Manager 2.0.1.1
IBM Rational Quality Manager 3.0
IBM Rational Quality Manager 4.0.2
IBM Rational Quality Manager 4.0.3
IBM Rational Policy Tester 8.0.1.1
IBM Rational Policy Tester 8.5.0.2
IBM Rational Quality Manager 4.0.0.1
IBM Rational Policy Tester 8.5.0.0
IBM Rational Quality Manager 4.0.0.2
IBM Rational Policy Tester 8.5.0.1
IBM Rational Policy Tester 8.0.1.0
IBM Rational Quality Manager 4.0.1
IBM Rational Policy Tester 8.5.0.5
IBM Rational Quality Manager 2.0
IBM Rational Policy Tester 8.5.0.3
IBM Rational Policy Tester 5.5.0.0
IBM Rational Policy Tester 8.5.0.4
IBM Rational Policy Tester 5.5.0.1
IBM Rational Service Tester 8.5.0.2
IBM Rational Quality Manager 2.0.0.1
IBM Rational Quality Manager 2.0.0.2
IBM Rational Team Concert (RTC) 4.0.5
IBM Rational Policy Tester 5.6.0.0
IBM Rational Policy Tester 5.5.0.2
IBM Rational Quality Manager 5.0.1
IBM Rational Requirements Composer 1.0
IBM Rational Quality Manager 5.0.2
IBM Rational Requirements Composer 1.0.0.1
IBM Rational Requirements Composer 3.0.1.6
IBM Rational Quality Manager 3.0.1.3
IBM Rational Policy Tester 8.0.0.1
IBM Rational Requirements Composer 3.0.1.1
IBM Rational Requirements Composer 2.0.0.2
IBM Rational Service Tester 8.5.0
IBM Rational Requirements Composer 3.0.1.3
IBM Rational Requirements Composer 3.0.1.2
IBM Rational Requirements Composer 4.0.2
IBM Rational Quality Manager 2.0.1
IBM Rational Requirements Composer 4.0.1
IBM Rational Requirements Composer 4.0.0.2
IBM Rational Requirements Composer 4.0.0.1
IBM Rational Policy Tester 5.6.0.1
IBM Rational Service Tester 8.5.0.1
IBM Rational Policy Tester 8.0.0.2
IBM Rational Quality Manager 4.0.4
IBM Rational Policy Tester 5.6.0.2
IBM Rational Policy Tester 8.0.0.0
IBM Rational Policy Tester 5.6.0.3