oss-sec mailing list archives
CVE Request: html2ps
From: Marc Deslauriers <marc.deslauriers () canonical com>
Date: Fri, 05 Oct 2012 06:49:41 -0400
Hello, I don't believe a CVE was ever assigned to this html2ps flaw in 2009: Directory traversal vulnerability in html2ps before 1.0b7 allows remote attackers to read arbitrary files via directory traversal sequences in SSI directives See: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=548633 https://bugzilla.redhat.com/show_bug.cgi?id=526513 http://packetstormsecurity.org/files/81614/html2ps-1.0-beta5-File-Disclosure.html Thanks, Marc. -- Marc Deslauriers Ubuntu Security Engineer | http://www.ubuntu.com/ Canonical Ltd. | http://www.canonical.com/
Current thread:
- CVE Request: html2ps Marc Deslauriers (Oct 05)
- Re: CVE Request: html2ps Kurt Seifried (Oct 05)
- Re: CVE Request: html2ps Moritz Muehlenhoff (Oct 07)
- Re: CVE Request: html2ps Kurt Seifried (Oct 05)