oss-sec mailing list archives
[Fwd: Cross-Site Scripting in Banshee DAAP Extension]
From: Anthony <tony () outpost24 com>
Date: Mon, 30 Mar 2009 15:52:48 +0200
I've notified Redhat and the Novell/SuSE security teams about a vulnerability in Banshee's DAAP extension. I have requested a CVE name for this. I will update this list when I have received the actual CVE name.
--- Begin Message --- From: Anthony <tony () outpost24 com>
Date: Mon, 30 Mar 2009 11:38:21 +0200
I would like to reserve a CVE name for a cross-site scripting vulnerability in the DAAP extension of Banshee. A description of the vulnerability can be found in the GNOME bugzilla (http://bugzilla.gnome.org/show_bug.cgi?id=577270). I have notified the RedHat and SuSE/Novell security teams. I consider the bugzilla a notification to the upstream vendor (which also happens to be Novell anyway). Upstream vendor is aware that I'm requesting this CVE name. I'm still waiting for RHSA and SUSE-SA numbers. I'll follow up when I have them. Thank you in advance, - Tony
--- End Message ---
Current thread:
- [Fwd: Cross-Site Scripting in Banshee DAAP Extension] Anthony (Mar 30)
- Re: [Fwd: Cross-Site Scripting in Banshee DAAP Extension] Steven M. Christey (Mar 30)