CVE-2005-1564 Information

Description

post_bug.cgi in Bugzilla 2.10 through 2.18 2.19.1 and 2.19.2 allows remote authenticated users to \enter bugs into products that are closed for bug entry\ by modifying the URL to specify the name of the product.

Reference

http://marc.info/?l=bugtraq&m=111592031902962&w=2 http://secunia.com/advisories/15338 http://www.bugzilla.org/security/2.16.8/ http://www.osvdb.org/16426 https://bugzilla.mozilla.org/show_bug.cgi?id=287109 https://exchange.xforce.ibmcloud.com/vulnerabilities/42797