CVE-2006-0913

NameCVE-2006-0913
DescriptionSQL injection vulnerability in whineatnews.pl in Bugzilla 2.17 through 2.18.4 and 2.20 allows remote authenticated users with administrative privileges to execute arbitrary SQL commands via the whinedays parameter, as accessible from editparams.cgi.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs354457

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
bugzillasourcewoody(not affected)
bugzillasourcesarge(not affected)
bugzillasource(unstable)2.20.1-1high354457

Notes

[woody] - bugzilla <not-affected> (Only 2.17 and above are affected)
[sarge] - bugzilla <not-affected> (Only 2.17 and above are affected)
Search for package or bug name: Reporting problems