CVE-2003-1044

N/A Unknown

Published: August 18, 2004 Modified: April 16, 2026

Description

editproducts.cgi in Bugzilla 2.16.3 and earlier, when usebuggroups is enabled, does not properly remove group add privileges from a group that is being deleted, which allows users with those privileges to perform unauthorized additions to the next group that is assigned with the original group ID.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://bugzilla.mozilla.org/show_bug.cgi?id=219690

Source: cve@mitre.org

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000774

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/343185

Source: cve@mitre.org

http://www.securityfocus.com/bid/8953

Source: cve@mitre.org

Patch Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/13597

Source: cve@mitre.org

http://bugzilla.mozilla.org/show_bug.cgi?id=219690

Source: af854a3a-2127-422b-91ae-364da2661108

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000774

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/343185

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/8953

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/13597

Source: af854a3a-2127-422b-91ae-364da2661108

10 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

0.7%

73th percentile

Exploitation Status

Not in CISA KEV

Affected Vendors

mozilla