CVE-2014-8630

NONECVSS 0.0

0.0

Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x before 5.0rc1 allows remote authenticated users to execute arbitrary commands by leveraging the editcomponents privilege and triggering crafted input to a two-argument Perl open call, as demonstrated by shell metacharacters in a product name.

🔗 References (14)

security@mozillahttp://advisories.mageia.org/MGASA-2015-0048.html
security@mozillahttp://lists.fedoraproject.org/pipermail/package-announce/2015-February/149921.html
security@mozillahttp://lists.fedoraproject.org/pipermail/package-announce/2015-February/149925.html
security@mozillahttp://www.bugzilla.org/security/4.0.15/
security@mozillahttp://www.mandriva.com/security/advisories?name=MDVSA-2015:030
security@mozillahttps://bugzilla.mozilla.org/show_bug.cgi?id=1079065
security@mozillahttps://security.gentoo.org/glsa/201607-11
af854a3a-2127-422b-91ae-364da2661108http://advisories.mageia.org/MGASA-2015-0048.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149921.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149925.html
af854a3a-2127-422b-91ae-364da2661108http://www.bugzilla.org/security/4.0.15/
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2015:030
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=1079065
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201607-11

Is Your Infrastructure Affected by CVE-2014-8630?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2014-8630

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2014-8630?