oss-sec mailing list archives
Re: CVE request: phpbb 3.0.7 and before 3.0.5
From: "Steven M. Christey" <coley () linus mitre org>
Date: Wed, 19 May 2010 18:59:42 -0400 (EDT)
On Wed, 19 May 2010, Josh Bressers wrote:
----- "Hanno Böck" <hanno () hboeck de> wrote:Am Dienstag 18 Mai 2010 schrieb Josh Bressers:http://www.phpbb.com/community/viewtopic.php?f=14&p=9764445 # [Sec] Only use forum id supplied for posting if global announcement detected. (Reported by nickvergessen) CVE-2010-1630 phpbb 3.0.5 unspecified flawShouldn't this be CVE-2009-XXXX ?
Ideally yes, but the ID is out there so we may as well use it. This happens sometimes. It doesn't look like it became "widely public" until a couple months ago, so a 2010 ID isn't too bad.
- Steve
Current thread:
- CVE request: phpbb 3.0.7 and before 3.0.5 Hanno Böck (May 16)
- Re: CVE request: phpbb 3.0.7 and before 3.0.5 Josh Bressers (May 18)
- Re: CVE request: phpbb 3.0.7 and before 3.0.5 Steven M. Christey (May 18)
- <Possible follow-ups>
- Re: CVE request: phpbb 3.0.7 and before 3.0.5 Josh Bressers (May 18)
- Re: CVE request: phpbb 3.0.7 and before 3.0.5 Hanno Böck (May 19)
- Re: CVE request: phpbb 3.0.7 and before 3.0.5 Josh Bressers (May 19)
- Re: CVE request: phpbb 3.0.7 and before 3.0.5 Steven M. Christey (May 19)
- Re: CVE request: phpbb 3.0.7 and before 3.0.5 Hanno Böck (May 19)
- Message not available
- Re: CVE request: phpbb 3.0.7 and before 3.0.5 Thijs Kinkhorst (May 19)
- Re: CVE request: phpbb 3.0.7 and before 3.0.5 Josh Bressers (May 18)