Lpsolit

**Name of the Vulnerable Software and Affected Versions** Bugzilla versions 3.x through 3.6.11 Bugzilla versions 3.7.x Bugzilla versions 4.0.x through 4.0.8 Bugzilla versions 4.1.x Bugzilla versions 4.2.x through 4.2.3 Bugzilla versions 4.3.x through 4.4rc1 **Description** The issue allows remote attackers to obtain sensitive information by reading HTML source code, specifically in circumstances involving custom-field visibility control. This occurs because the `template/en/default/bug/field-events.js.tmpl` file generates JavaScript function calls containing private product names or private component names. **Recommendations** For Bugzilla versions 3.x through 3.6.11, update to version 3.6.12 or later. For Bugzilla versions 3.7.x, update to version 4.0.9 or later. For Bugzilla versions 4.0.x through 4.0.8, update to version 4.0.9 or later. For Bugzilla versions 4.1.x, update to version 4.2.4 or later. For Bugzilla versions 4.2.x through 4.2.3, update to version 4.2.4 or later. For Bugzilla versions 4.3.x through 4.4rc1, update to version 4.4rc1 or later.

**Name of the Vulnerable Software and Affected Versions** Bugzilla versions 2.x through 3.6.10 Bugzilla versions 3.7.x through 4.0.7 Bugzilla versions 4.1.x through 4.2.2 Bugzilla versions 4.3.x through 4.3.2 **Description** The issue allows remote attackers to potentially inject data into an LDAP directory via a crafted login attempt due to the lack of character restriction in usernames. **Recommendations** For versions 2.x through 3.6.10, update to version 3.6.11 or later. For versions 3.7.x through 4.0.7, update to version 4.0.8 or later. For versions 4.1.x through 4.2.2, update to version 4.2.3 or later. For versions 4.3.x through 4.3.2, update to version 4.3.3 or later.

**Name of the Vulnerable Software and Affected Versions** Bugzilla versions 2.22.7 through 2.23.3 Bugzilla versions 3.0.x through 3.3.x Bugzilla versions 3.4.x before 3.4.12 Bugzilla versions 3.5.x Bugzilla versions 3.6.x before 3.6.6 Bugzilla versions 3.7.x Bugzilla versions 4.0.x before 4.0.2 Bugzilla versions 4.1.x before 4.1.3 **Description** The issue allows remote attackers to determine the existence of private group names via a crafted parameter during bug creation or bug editing. **Recommendations** For versions 2.22.7 through 2.23.3, update to a version outside of this range to resolve the issue. For versions 3.0.x through 3.3.x, update to a version outside of this range to resolve the issue. For versions 3.4.x before 3.4.12, update to version 3.4.12 or later to resolve the issue. For versions 3.5.x, update to a version outside of this range to resolve the issue. For versions 3.6.x before 3.6.6, update to version 3.6.6 or later to resolve the issue. For versions 3.7.x, update to a version outside of this range to resolve the issue. For versions 4.0.x before 4.0.2, update to version 4.0.2 or later to resolve the issue. For versions 4.1.x before 4.1.3, update to version 4.1.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Bugzilla versions 3.0.11 and earlier, 3.2.x through 3.2.5, 3.4.x through 3.4.4, 3.5.x through 3.5.2 **Description** The issue allows remote attackers to obtain sensitive information by requesting specific files and directories used by custom installations, including (1) `CVS/`, (2) `contrib/`, (3) `docs/en/xml/`, (4) `t/`, or (5) `old-params.txt`. **Recommendations** For Bugzilla versions 3.0.11 and earlier, update to version 3.0.11 or later. For Bugzilla versions 3.2.x through 3.2.5, update to version 3.2.6 or later. For Bugzilla versions 3.4.x through 3.4.4, update to version 3.4.5 or later. For Bugzilla versions 3.5.x through 3.5.2, update to version 3.5.3 or later.

**Name of the Vulnerable Software and Affected Versions** Bugzilla versions 2.19.3 through 2.20 **Description** The issue arises from improper handling of "//" sequences in URLs when redirecting a user from the login form. This could lead to the generation of a partial URL in a form action, causing the user's browser to send form data to another domain. **Recommendations** For versions 2.19.3 through 2.20, consider modifying the URL handling mechanism to properly process "//" sequences and prevent the generation of partial URLs that could redirect form data to unintended domains. As a temporary workaround, restrict the use of the login form until a proper fix is implemented.

**Name of the Vulnerable Software and Affected Versions** Bugzilla versions 2.10 through 2.18 Bugzilla version 2.19.1 Bugzilla version 2.19.2 **Description** The issue allows remote attackers to determine hidden products by exploiting a difference in error messages displayed by the software, depending on whether a product exists or not. **Recommendations** For Bugzilla versions 2.10 through 2.18, update to a version that does not display different error messages based on product existence to prevent exploitation. For Bugzilla version 2.19.1, modify the error message handling to prevent disclosure of hidden products. For Bugzilla version 2.19.2, adjust the product existence check to return a uniform error message, preventing attackers from determining hidden products.

**Name of the Vulnerable Software and Affected Versions** Bugzilla versions 2.10 through 2.18 Bugzilla version 2.19.1 Bugzilla version 2.19.2 **Description** The issue allows remote authenticated users to enter bugs into products that are closed for bug entry by modifying the URL to specify the name of the product. This is possible due to a flaw in the post bug.cgi script. **Recommendations** For Bugzilla versions 2.10 through 2.18, update the post bug.cgi script to properly validate product permissions. For Bugzilla version 2.19.1, restrict access to the post bug.cgi script until a proper fix is applied. For Bugzilla version 2.19.2, consider disabling the post bug.cgi script temporarily to prevent unauthorized bug entry.