Home page logo

oss-sec logo oss-sec mailing list archives

CVE request: Cantata vulnerability
From: Sergey Popov <pinkbyte () gentoo org>
Date: Mon, 20 Jan 2014 14:30:15 +0400

I would like to request CVE for vulnerability in Cantata[1], which
allows attacker to steal valuable information from user's home directory
via internal HTTP server, that are not properly handled requests and
allows to download every file it has access to from host, where it runs.

More details can be acquired from upstream bugreport[2].

[1] - https://code.google.com/p/cantata/
[2] - https://code.google.com/p/cantata/issues/detail?id=356

Best regards, Sergey Popov
Gentoo developer
Gentoo Desktop Effects project lead
Gentoo Qt project lead
Gentoo Proxy maintainers project lead

Attachment: signature.asc
Description: OpenPGP digital signature

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]