[Secure-testing-commits] r21042 - data/CVE
Henri Salo
fgeek-guest at alioth.debian.org
Fri Jan 25 13:20:38 UTC 2013
Author: fgeek-guest
Date: 2013-01-25 13:20:37 +0000 (Fri, 25 Jan 2013)
New Revision: 21042
Modified:
data/CVE/list
Log:
wordpress vulnerable to CVE-2012-3414
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-01-25 09:42:04 UTC (rev 21041)
+++ data/CVE/list 2013-01-25 13:20:37 UTC (rev 21042)
@@ -11137,9 +11137,11 @@
RESERVED
- plpupload <itp> (bug #668396)
- wordpress 3.3.2
-CVE-2012-3414 [libjs-swfupload]
+CVE-2012-3414 [libjs-swfupload, wordpress: XSS vulnerability]
RESERVED
- libjs-swfupload 2.2.0.1+ds1-2 (low; bug #681323)
+ - wordpress <unfixed> (bug #698934)
+ NOTE: https://nealpoole.com/blog/2012/05/xss-and-csrf-via-swf-applets-swfupload-plupload/
CVE-2012-3413 (The HTMLQuoteColorer::process function in ...)
- kdepim <not-affected> (Only affects kdepim >= 4.6)
NOTE: CVE-request http://www.openwall.com/lists/oss-security/2012/07/13/3
More information about the Secure-testing-commits
mailing list