Bugtraq mailing list archives

Re: CVE-2007-3382: Handling of cookies containing a ' character

From: Christopher Schultz <chris () christopherschultz net>
Date: Tue, 14 Aug 2007 11:52:22 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mark,

Mark Thomas wrote:

CVE-2007-3382: Handling of cookies containing a ' character

Versions Affected:
5.5.0 to 5.5.24


Since 5.5.24 isn't yet released, will an upcoming 5.5.24 release include
a fix for this problem given:

Mitigation:
Upgrade to 6.0.14


?

Thanks,
- -chris

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGwc+29CaO5/Lv0PARAug2AJ98oeF8HRLiXIqqzDEazknml6N/pwCgiNkO
+SIMwuOKQWDG0lkT1okzO7I=
=6jSG
-----END PGP SIGNATURE-----

Current thread:

CVE-2007-3382: Handling of cookies containing a ' character Mark Thomas (Aug 14)
- Re: CVE-2007-3382: Handling of cookies containing a ' character Christopher Schultz (Aug 14)