CVE-2014-1546 Information

Description

The response function in the JSONP endpoint in WebService/Server/JSONRPC.pm in jsonrpc.cgi in Bugzilla 3.x and 4.x before 4.0.14, 4.1.x and 4.2.x before 4.2.10, 4.3.x and 4.4.x before 4.4.5, and 4.5.x before 4.5.5 accepts certain long callback values and does not restrict the initial bytes of a JSONP response, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and obtain sensitive information via a crafted OBJECT element with SWF content consistent with the _bz_callback character set.

Reference

http://advisories.mageia.org/MGASA-2014-0349.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136217.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136369.html
http://www.mandriva.com/security/advisories?name=MDVSA-2014:169
http://www.securityfocus.com/archive/1/532895
http://www.securitytracker.com/id/1030648
https://bugzilla.mozilla.org/show_bug.cgi?id=1036213