oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE id request: TYPO3-20080611-1: Multiple vulnerabilities in TYPO3 Core

From: "Thijs Kinkhorst" <thijs () debian org>
Date: Thu, 12 Jun 2008 09:55:50 +0200 (CEST)
Hi,

Does anyone already have a CVE id, or could I get one (probably two)
assigned for, the following TYPO3 security announcement:

http://typo3.org/teams/security/security-bulletins/typo3-20080611-1/

Vulnerability #1: Default value of fileDenyPattern allows arbitrary code
execution on Apache
Vulnerability #2: fe_adminlib.inc allows Cross Site Scripting


cheers,
Thijs
Previous By Date Next
Previous By Thread Next

Current thread: