A previously unknown security flaw in Bugzilla — a popular online bug-tracking tool used by Mozilla and many of the open source Linux distributions — allows anyone to view detailed reports about unfixed vulnerabilities in a broad swath of software. Bugzilla is expected today to issue a fix for this very serious weakness, which potentially exposes a veritable gold mine of vulnerabilities that would be highly prized by cyber criminals and nation-state actors.
more here..........http://krebsonsecurity.com/2014/10/bugzilla-zero-day-exposes-zero-day-bugs/
more here..........http://krebsonsecurity.com/2014/10/bugzilla-zero-day-exposes-zero-day-bugs/