oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE Request: html2ps

From: Marc Deslauriers <marc.deslauriers () canonical com>
Date: Fri, 05 Oct 2012 06:49:41 -0400
Hello,

I don't believe a CVE was ever assigned to this html2ps flaw in 2009:

Directory traversal vulnerability in html2ps before 1.0b7 allows remote
attackers to read arbitrary files via directory traversal sequences in
SSI directives

See:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=548633
https://bugzilla.redhat.com/show_bug.cgi?id=526513
http://packetstormsecurity.org/files/81614/html2ps-1.0-beta5-File-Disclosure.html

Thanks,

Marc.



-- 
Marc Deslauriers
Ubuntu Security Engineer     | http://www.ubuntu.com/
Canonical Ltd.               | http://www.canonical.com/
Previous By Date Next
Previous By Thread Next

Current thread: