oss-sec mailing list archives
Re: [oCERT-2011-001] Chyrp input sanitization errors
From: "Steven M. Christey" <coley () rcf-smtp mitre org>
Date: Wed, 13 Jul 2011 17:02:29 -0400 (EDT)
On Wed, 13 Jul 2011, Andrea Barisani wrote:
http://www.justanotherhacker.com/advisories/JAHx113.txt
This advisory covers 3 CVEs (but the oCERT advisory only seems to cover the first two):
XSS: CVE-2011-2743 LFI/directory traversal: CVE-2011-2744 file upload: CVE-2011-2745 - Steve
Permalink: http://www.ocert.org/advisories/ocert-2011-001.html -- Andrea Barisani | Founder & Project Coordinator oCERT | OSS Computer Security Incident Response Team <lcars () ocert org> http://www.ocert.org 0x864C9B9E 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E "Pluralitas non est ponenda sine necessitate"
Current thread:
- [oCERT-2011-001] Chyrp input sanitization errors Andrea Barisani (Jul 13)
- Re: [oCERT-2011-001] Chyrp input sanitization errors Steven M. Christey (Jul 13)