Home page logo

oss-sec logo oss-sec mailing list archives

Re: [oCERT-2011-001] Chyrp input sanitization errors
From: "Steven M. Christey" <coley () rcf-smtp mitre org>
Date: Wed, 13 Jul 2011 17:02:29 -0400 (EDT)

On Wed, 13 Jul 2011, Andrea Barisani wrote:


This advisory covers 3 CVEs (but the oCERT advisory only seems to cover the first two):

XSS: CVE-2011-2743

LFI/directory traversal: CVE-2011-2744

file upload: CVE-2011-2745

- Steve


Andrea Barisani |                Founder & Project Coordinator
         oCERT | OSS Computer Security Incident Response Team

<lcars () ocert org>                         http://www.ocert.org
0x864C9B9E 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E
       "Pluralitas non est ponenda sine necessitate"

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]