1. Home
  2. CVE Database
  3. CVE-2010-2759
MEDIUM · 4.0

CVE-2010-2759

Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2, when PostgreSQL is used, does not properly handle large integers in (1) bug and (2) attachment phrases, ...

Vulnerability Description

Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2, when PostgreSQL is used, does not properly handle large integers in (1) bug and (2) attachment phrases, which allows remote authenticated users to cause a denial of service (bug invisibility) via a crafted comment.

CVSS Score

4.0

MEDIUM

AV:N/AC:L/Au:S/C:N/I:N/A:P
Confidentiality
NONE
Integrity
NONE
Availability
PARTIAL

Affected Products

VendorProductVersions
MozillaBugzilla2.4

Related Weaknesses (CWE)

CWE-189

References

FAQ

What is CVE-2010-2759?

CVE-2010-2759 is a vulnerability with a CVSS score of 4.0 (MEDIUM). Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2, when PostgreSQL is used, does not properly handle large integers in (1) bug and (2) attachment phrases, ...

How severe is CVE-2010-2759?

CVE-2010-2759 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2010-2759?

Check the references section above for vendor advisories and patch information. Affected products include: Mozilla Bugzilla.