← CVECheck
HomeVulnerabilities

CVE-2001-0329 — HIGH severity vulnerability (Bugzilla 2.10 allows remote attackers to execute arbitrary c)

Bugzilla 2.10 allows remote attackers to execute arbitrary commands via shell metacharacters in a username that is then processed by (1) the Bugzilla_login cookie in post_bug.cgi, or (2) the who parameter in process_bug.cgi.

CVE IDCVE-2001-0329
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2001-06-27
Last modified2026-04-16
DescriptionBugzilla 2.10 allows remote attackers to execute arbitrary commands via shell metacharacters in a username that is then processed by (1) the Bugzilla_login cookie in post_bug.cgi, or (2) the who parameter in process_bug.cgi.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →