CVE-2011-3667

Bugzilla <4.0.3 - RCE

Title source: llm

Description

The User.offer_account_by_email WebService method in Bugzilla 2.x and 3.x before 3.4.13, 3.5.x and 3.6.x before 3.6.7, 3.7.x and 4.0.x before 4.0.3, and 4.1.x through 4.1.3, when createemailregexp is not empty, does not properly handle user_can_create_account settings, which allows remote attackers to create user accounts by leveraging a token contained in an e-mail message.

References (4)

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2011-12/0184.html

[Vendor Advisory] http://www.bugzilla.org/security/3.4.12/

[Issue Tracking] https://bugzilla.mozilla.org/show_bug.cgi?id=711714

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/72042

Scores

EPSS 0.0046

EPSS Percentile 64.0%

Classification

CWE

CWE-287

Status draft

Affected Products (50)

mozilla/bugzilla

... and 35 more

Timeline

Published Jan 02, 2012

Tracked Since Feb 18, 2026