[Secure-testing-commits] r12406 - data/CVE
Nico Golde
nion at alioth.debian.org
Fri Jul 24 21:34:41 UTC 2009
Author: nion
Date: 2009-07-24 21:34:40 +0000 (Fri, 24 Jul 2009)
New Revision: 12406
Modified:
data/CVE/list
Log:
new drupal6 issue non-issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-07-24 21:19:10 UTC (rev 12405)
+++ data/CVE/list 2009-07-24 21:34:40 UTC (rev 12406)
@@ -1,3 +1,8 @@
+CVE-2009-XXXX [XSS in drupal 6 calendar field]
+ - drupal6 <unfixed> (unimportant)
+ NOTE: you need to be able to create new calendar items, e.g. admistrative
+ NOTE: access in order to exploit that
+ NOTE: http://lists.grok.org.uk/pipermail/full-disclosure/2009-July/069849.html
CVE-2009-2584 (Off-by-one error in the options_write function in ...)
- linux-2.6 <unfixed> (low)
- linux-2.6.24 <removed>
More information about the Secure-testing-commits
mailing list