Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2, when PostgreSQL is used, does not properly handle large integers in (1) bug and (2) attachment phrases, which allows remote authenticated users to cause a denial of service (bug invisibility) via a crafted comment.
Vector: NETWORK
Complexity: LOW
Authentication: SINGLE_INSTANCE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
IBM Rational Requirements Composer 3.0.1.4
IBM Rational Requirements Composer 3.0.1.5
IBM Rational Quality Manager 3.0.1
IBM Rational Quality Manager 3.0.1.1
IBM Rational Quality Manager 2.0.1.1
IBM Rational Quality Manager 3.0
IBM Rational Quality Manager 4.0.2
IBM Rational Quality Manager 4.0.3
IBM Rational Policy Tester 8.0.1.1
IBM Rational Policy Tester 8.5.0.2
IBM Rational Quality Manager 4.0.0.1
IBM Rational Policy Tester 8.5.0.0
IBM Rational Quality Manager 4.0.0.2
IBM Rational Policy Tester 8.5.0.1
IBM Rational Policy Tester 8.0.1.0
IBM Rational Quality Manager 4.0.1
IBM Rational Policy Tester 8.5.0.5
IBM Rational Quality Manager 2.0
IBM Rational Policy Tester 8.5.0.3
IBM Rational Policy Tester 5.5.0.0
IBM Rational Policy Tester 8.5.0.4
IBM Rational Policy Tester 5.5.0.1
IBM Rational Service Tester 8.5.0.2
IBM Rational Quality Manager 2.0.0.1
IBM Rational Quality Manager 2.0.0.2
IBM Rational Team Concert (RTC) 4.0.5
IBM Rational Policy Tester 5.6.0.0
IBM Rational Policy Tester 5.5.0.2
IBM Rational Quality Manager 5.0.1
IBM Rational Requirements Composer 1.0
IBM Rational Quality Manager 5.0.2
IBM Rational Requirements Composer 1.0.0.1
IBM Rational Requirements Composer 3.0.1.6
IBM Rational Quality Manager 3.0.1.3
IBM Rational Policy Tester 8.0.0.1
IBM Rational Requirements Composer 3.0.1.1
IBM Rational Requirements Composer 2.0.0.2
IBM Rational Service Tester 8.5.0
IBM Rational Requirements Composer 3.0.1.3
IBM Rational Requirements Composer 3.0.1.2
IBM Rational Requirements Composer 4.0.2
IBM Rational Quality Manager 2.0.1
IBM Rational Requirements Composer 4.0.1
IBM Rational Requirements Composer 4.0.0.2
IBM Rational Requirements Composer 4.0.0.1
IBM Rational Policy Tester 5.6.0.1
IBM Rational Service Tester 8.5.0.1
IBM Rational Policy Tester 8.0.0.2
IBM Rational Quality Manager 4.0.4
IBM Rational Policy Tester 5.6.0.2
IBM Rational Policy Tester 8.0.0.0
IBM Rational Policy Tester 5.6.0.3