Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: Moodle security notifications public
From: cve-assign () mitre org
Date: Fri, 21 Mar 2014 21:35:53 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

MSA-14-0004: Incorrect filtering in Quiz
CVE identifier:    Pending

This is assigned CVE-2014-2571.


MSA-14-0008: Cross site scripting potential in Flowplayer
CVE identifier:    Pending

This is assigned CVE-2013-7341. As far as we know, the relevant
Flowplayer upstream references are:

  http://flash.flowplayer.org/documentation/version-history.html
  https://github.com/flowplayer/flash/issues/121

and the first fixed upstream version was 3.2.17 (but 3.2.18 is
preferable for usability reasons).


MSA-14-0013: Unfiltered data used in Assignment web services
CVE identifier:    Pending

This is assigned CVE-2014-2572.


These should be available soon:

  http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2571
  http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7341
  http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2572

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJTLOdPAAoJEKllVAevmvmsLzUH/0BgYc8195oRg/NfrunnGcMw
j0eXA0uBDry3Brhj2j4yExP2DdpAyEs9x3/sLGH9PgdxCmsx4UeICoW9q5S7YhY6
mC018aqO/IXm56vrBg1YYF9FWE6A6vUQKLZ6uvBwKaz9/8v3OMpRizCxYO429t9W
Qa2JxllxCoerY15OIRZ9evvG502XM7luXZ+EIhybqRRI7lCDkKeNFK6Ix7dZxttE
4PuxiB/MUGxYLlwl4OORvrqPlMQpv3+j7MPRVh+5YvRel+pGSSj3wQc5fFxdp0ZX
5howdAY1E2Oes4R5K0yPYi2bZTiLbzR30KlPuPK9LeeAbI255PwaHw5u6CP2Nvw=
=1vea
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault