Skip to main content

Mondoo

Vulnerability Management
Technology
Services

Solutions

Financial Services
Manufacturing
Healthcare

Resources

Blog
Vulnerability Database
Documentation
GitHub

Company

About
Careers
Partners
Contact

Legal

Privacy
Terms
Imprint

© 2026 Mondoo, Inc.

Log in Get Assessment

Vulnerability IntelligenceCVE-2009-0482

CVE-2009-0482

UNKNOWN

Cross-site request forgery (CSRF) vulnerability in Bugzilla before 3

Published Feb 9, 2009

Modified 1 years ago

Details

Cross-site request forgery (CSRF) vulnerability in Bugzilla before 3.2 before 3.2.1, 3.3 before 3.3.2, and other versions before 3.2 allows remote attackers to perform bug updating activities as other users via a link or IMG tag to process_bug.cgi.

References

http://secunia.com/advisories/34361

http://www.bugzilla.org/security/2.22.6/

http://www.securityfocus.com/bid/33580

https://www.cve.org/CVERecord?id=CVE-2009-0482

https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00664.html

https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00687.html

CVSS Analysis

CVSS v2.0

5.8

Exploitability

Access Vector

NetworkAV:N

Access Complexity

MediumAC:M

Authentication

NoneAu:N

Impact

Confidentiality

NoneC:N

Integrity

PartialI:P

Availability

PartialA:P

5.8/AV:N/AC:M/Au:N/C:N/I:P/A:P

Ecosystems

Timeline

PublishedFeb 9, 2009

ModifiedAug 7, 2024

CVE-2009-0482 | Mondoo Vulnerability Intelligence