CVE-2006-5454

N/A Unknown

Published: October 23, 2006 Modified: April 23, 2026

Description

Bugzilla 2.18.x before 2.18.6, 2.20.x before 2.20.3, 2.22.x before 2.22.1, and 2.23.x before 2.23.3 allow remote attackers to obtain (1) the description of arbitrary attachments by viewing the attachment in "diff" mode in attachment.cgi, and (2) the deadline field by viewing the XML format of the bug in show_bug.cgi.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/22409

Source: cve@mitre.org

http://secunia.com/advisories/22790

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200611-04.xml

Source: cve@mitre.org

http://securityreason.com/securityalert/1760

Source: cve@mitre.org

http://securitytracker.com/id?1017064

Source: cve@mitre.org

Patch

http://www.bugzilla.org/security/2.18.5/

Source: cve@mitre.org

http://www.osvdb.org/29546

Source: cve@mitre.org

http://www.osvdb.org/29547

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/448777/100/100/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/20538

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/4035

Source: cve@mitre.org

https://bugzilla.mozilla.org/show_bug.cgi?id=346086

Source: cve@mitre.org

Patch

https://bugzilla.mozilla.org/show_bug.cgi?id=346564

Source: cve@mitre.org

Patch

http://secunia.com/advisories/22409

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/22790

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-200611-04.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://securityreason.com/securityalert/1760

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1017064

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.bugzilla.org/security/2.18.5/

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/29546

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/29547

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/448777/100/100/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/20538

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2006/4035

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.mozilla.org/show_bug.cgi?id=346086

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://bugzilla.mozilla.org/show_bug.cgi?id=346564

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

26 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

Exploitation Status

Not in CISA KEV

Affected Vendors

mozilla