mailing list archives
Re: CVE-request: appRain CMF uploadify.php File Upload Remote PHP Code Execution
From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 09 Mar 2012 23:18:15 -0700
On 03/09/2012 01:47 AM, Henri Salo wrote:
Can I get CVE-identifier for this security vulnerability, thank you.
Discovered and vendor informed: 2011-12-19
Vendor ack: 2011-12-20
Disclosure and exploit: 2012-01-19
Does this get 2011 or 2012 ID?
- Henri Salo
Generally public disclosure otherwise we get to play insane "when did
this become a security issue philosophy games", plus pragmatically
public issue = known = can assign a CVE =).
Please use CVE-2012-1153 for this issue.
Kurt Seifried Red Hat Security Response Team (SRT)