oss-sec mailing list archives

Re: CVE request: lxr


From: Josh Bressers <bressers () redhat com>
Date: Fri, 14 May 2010 15:28:44 -0400 (EDT)

----- "Dan Rosenberg" <dan.j.rosenberg () gmail com> wrote:

Sorry for not making this explicitly clear.  There are three issues:

1.  XSS in the ident parameter, as described in CVE-2009-4497.

2.  XSS that is reflected via the search results page after issuing a
search.

3.  XSS that is reflected via the <title> tag on the search page, as
described in Raphael's original e-mail a few days ago, which Josh just
assigned CVE-2010-1448.

Bugs 1 and 2 were fixed simultaneously, as indicated in the 2010-01-05
changelog entry for LXR:

2010-01-05 18:00  mbox

      * ident, search: Fix for CVE-2009-4497 from Dan Rosenberg

        Avoid a XSS vulnerability

Bug 3 was fixed a few days later on 2010-01-15, as indicated by:

2010-01-15 23:23  mbox

      * lib/LXR/Common.pm: Fix XSS exploit in title string

So, while my original intent at the time of disclosure was to have a
single CVE identifier assigned to cover all three of these issues, that
obviously did not happen.  As it stands, bugs 1 and 3 have their own CVE
identifiers, and bug 2 remains unassigned.


Sorry this took so long.

CVE-2010-1625 lxr lib/LXR/Common.pm: Fix XSS exploit in title string

The diff is here:
http://lxr.cvs.sourceforge.net/viewvc/lxr/lxr/lib/LXR/Common.pm?r1=1.63&r2=1.64

Thanks

-- 
    JB

