[Secure-testing-commits] r8079 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Tue Feb 5 16:13:44 UTC 2008
Author: nion
Date: 2008-02-05 16:13:43 +0000 (Tue, 05 Feb 2008)
New Revision: 8079
Modified:
data/CVE/list
Log:
new issue: wordpress, cve id pending
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-02-05 12:16:13 UTC (rev 8078)
+++ data/CVE/list 2008-02-05 16:13:43 UTC (rev 8079)
@@ -1,3 +1,9 @@
+CVE-2008-XXXX [unauthorized content modification via xml-rpc in wordpress]
+ - wordpress <unfixed> (medium; bug #464170)
+ NOTE: The blog has to provide user accounts
+ NOTE: A crafted XML-RPC request referring to a valid user can exploit this
+ NOTE: CVE id pending
+ TODO: check if packages embedding xmlrpc share this code
CVE-2008-0553 [buffer overflow in tk GIF handling]
- tk8.5 8.5.0-3
- tk8.4 8.4.17-2
More information about the Secure-testing-commits
mailing list