[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE Request: ViewVC 1.1.5 / 1.0.11 -- XSS via
From: "Steven M. Christey" <coley () linus ! mitre ! org>
Date: 2010-03-30 17:49:08
Message-ID: Pine.GSO.4.64.1003301346480.4709 () faron ! mitre ! org
[Download RAW message or body]
On Tue, 30 Mar 2010, Reed Loden wrote:
> Apparently, Secunia has already assigned this CVE-2010-0132, as per
> their advisory that just came out...
>
> http://secunia.com/secunia_research/2010-26/
>
> Again, still need a CVE for the XSS fix in ViewVC 1.1.4 and 1.1.10,
> however.
Here's what I have:
CVE-2010-0736 - XSS in view_queryform (lib/viewvc.py) in 1.1.x before
1.1.4, and 1.0 before 1.0.10. (Note that Vincent Danen assigned a CVE
last week at http://www.openwall.com/lists/oss-security/2010/03/16/14)
CVE-2010-0132 - Secunia-assigned; for "regular expression search" before
1.0.11 / 1.1.5
- Steve
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic