Full Disclosure mailing list archives
Re: CVE-2007-3382: Handling of cookies containing a ' character
From: Christopher Schultz <chris () christopherschultz net>
Date: Tue, 14 Aug 2007 11:52:22 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mark, Mark Thomas wrote:
CVE-2007-3382: Handling of cookies containing a ' character Versions Affected: 5.5.0 to 5.5.24
Since 5.5.24 isn't yet released, will an upcoming 5.5.24 release include a fix for this problem given:
Mitigation: Upgrade to 6.0.14
? Thanks, - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGwc+29CaO5/Lv0PARAug2AJ98oeF8HRLiXIqqzDEazknml6N/pwCgiNkO +SIMwuOKQWDG0lkT1okzO7I= =6jSG -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- CVE-2007-3382: Handling of cookies containing a ' character Mark Thomas (Aug 14)
- Re: CVE-2007-3382: Handling of cookies containing a ' character Christopher Schultz (Aug 14)
- Re: CVE-2007-3382: Handling of cookies containing a ' character Ismail Dönmez (Aug 14)
- Re: CVE-2007-3382: Handling of cookies containing a ' character Christopher Schultz (Aug 14)