oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE Request: PDF XSS in ModSecurity / apache2 mod_security 2.5.8

From: Marcus Meissner <meissner () suse de>
Date: Wed, 3 Jun 2009 17:59:54 +0200
Hi,

There also is a PDF XSS in ModSecurity <2.5.8

https://sourceforge.net/project/shownotes.php?release_id=667538&group_id=68846
http://mod-security.svn.sourceforge.net/viewvc/mod-security?view=rev&revision=1255

"Discovered by Steve Grubb at Redhat", so perhaps there 
already is a CVE.

Ciao, Marcus
Previous By Date Next
Previous By Thread Next

Current thread: