mailing list archives
Re: CVE request: mwlib < 0.13.5 DoS flaw
From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 05 Mar 2012 14:54:54 -0700
On 03/05/2012 10:06 AM, Vincent Danen wrote:
Could a CVE be assigned to the following please?
It was reported that mwlib suffered from a flaw that could allow a
remote attacker to perform a denial of service attack on a mwlib
installation by forcing it to parse a specially-crafted #iferror magic
function. This has been corrected in upstream version 0.13.5.
Please use CVE-2012-1109 for this issue.
Kurt Seifried Red Hat Security Response Team (SRT)