What is the severity of CVE-2003-1043?

CVE-2003-1043 is considered a high severity vulnerability due to its potential to allow unauthorized SQL commands.

How do I fix CVE-2003-1043?

To fix CVE-2003-1043, upgrade Bugzilla to a version later than 2.17.4 or apply appropriate patches provided by the Bugzilla security team.

Who is affected by CVE-2003-1043?

CVE-2003-1043 affects authenticated users with editkeywords privileges on Bugzilla versions 2.16.3 and earlier as well as specific versions up to 2.17.4.

What types of attacks can CVE-2003-1043 enable?

CVE-2003-1043 allows attackers to execute arbitrary SQL commands, potentially compromising the integrity of the Bugzilla database.

Is user authentication sufficient to mitigate CVE-2003-1043?

No, user authentication alone is not sufficient to mitigate CVE-2003-1043 as it specifically exploits the privileges of authenticated users.

Vulnerability/
CVE-2003-1043

critical

CWE

NVD-CWE-Other 89

3/6/2004

8/8/2024

CVE-2003-1043: SQL Injection

First published: Thu Jun 03 2004(Updated: )

SQL injection vulnerability in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote authenticated users with editkeywords privileges to execute arbitrary SQL via the id parameter to editkeywords.cgi.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Mozilla Bugzilla	=2.16.1
Mozilla Bugzilla	=2.16.2
Mozilla Bugzilla	=2.17.4
Mozilla Bugzilla	=2.10
Mozilla Bugzilla	=2.17.1
Mozilla Bugzilla	=2.16
Mozilla Bugzilla	=2.14.2
Mozilla Bugzilla	=2.14.3
Mozilla Bugzilla	=2.14.4
Mozilla Bugzilla	=2.14.5
Mozilla Bugzilla	=2.4
Mozilla Bugzilla	=2.6
Mozilla Bugzilla	=2.8
Mozilla Bugzilla	=2.14.1
Mozilla Bugzilla	=2.17.3
Mozilla Bugzilla	=2.12
Mozilla Bugzilla	=2.14
Mozilla Bugzilla	=2.16.3

Remedy

http://www.securityfocus.com/bid/8953

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2003-1043?
CVE-2003-1043 is considered a high severity vulnerability due to its potential to allow unauthorized SQL commands.
How do I fix CVE-2003-1043?
To fix CVE-2003-1043, upgrade Bugzilla to a version later than 2.17.4 or apply appropriate patches provided by the Bugzilla security team.
Who is affected by CVE-2003-1043?
CVE-2003-1043 affects authenticated users with editkeywords privileges on Bugzilla versions 2.16.3 and earlier as well as specific versions up to 2.17.4.
What types of attacks can CVE-2003-1043 enable?
CVE-2003-1043 allows attackers to execute arbitrary SQL commands, potentially compromising the integrity of the Bugzilla database.
Is user authentication sufficient to mitigate CVE-2003-1043?
No, user authentication alone is not sufficient to mitigate CVE-2003-1043 as it specifically exploits the privileges of authenticated users.

collector/nvd-historical
collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/remedy
agent/last-modified-date
agent/author
agent/weakness
agent/references
agent/tags
agent/event
agent/description
agent/first-publish-date
agent/source
vendor/mozilla
canonical/mozilla bugzilla
version/mozilla bugzilla/2.16.1
version/mozilla bugzilla/2.16.2
version/mozilla bugzilla/2.17.4
version/mozilla bugzilla/2.10
version/mozilla bugzilla/2.17.1
version/mozilla bugzilla/2.16
version/mozilla bugzilla/2.14.2
version/mozilla bugzilla/2.14.3
version/mozilla bugzilla/2.14.4
version/mozilla bugzilla/2.14.5
version/mozilla bugzilla/2.4
version/mozilla bugzilla/2.6
version/mozilla bugzilla/2.8
version/mozilla bugzilla/2.14.1
version/mozilla bugzilla/2.17.3
version/mozilla bugzilla/2.12
version/mozilla bugzilla/2.14
version/mozilla bugzilla/2.16.3

Frequently Asked Questions

What is the severity of CVE-2003-1043?
CVE-2003-1043 is considered a high severity vulnerability due to its potential to allow unauthorized SQL commands.
How do I fix CVE-2003-1043?
To fix CVE-2003-1043, upgrade Bugzilla to a version later than 2.17.4 or apply appropriate patches provided by the Bugzilla security team.
Who is affected by CVE-2003-1043?
CVE-2003-1043 affects authenticated users with editkeywords privileges on Bugzilla versions 2.16.3 and earlier as well as specific versions up to 2.17.4.
What types of attacks can CVE-2003-1043 enable?
CVE-2003-1043 allows attackers to execute arbitrary SQL commands, potentially compromising the integrity of the Bugzilla database.
Is user authentication sufficient to mitigate CVE-2003-1043?
No, user authentication alone is not sufficient to mitigate CVE-2003-1043 as it specifically exploits the privileges of authenticated users.

CVE-2003-1043: SQL Injection

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2003-1043?

How do I fix CVE-2003-1043?

Who is affected by CVE-2003-1043?

What types of attacks can CVE-2003-1043 enable?

Is user authentication sufficient to mitigate CVE-2003-1043?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2003-1043?

How do I fix CVE-2003-1043?

Who is affected by CVE-2003-1043?

What types of attacks can CVE-2003-1043 enable?

Is user authentication sufficient to mitigate CVE-2003-1043?