thr3ads.net - Secure testing commits - [Secure-testing-commits] r10153

If this information is useful, please help other people find it:
Share via:

nion at alioth.debian.org

2008-Oct-23 18:15 UTC

[Secure-testing-commits] r10153 - data/CVE

Author: nion
Date: 2008-10-23 18:15:25 +0000 (Thu, 23 Oct 2008)
New Revision: 10153

Modified:
   data/CVE/list
Log:
two new drupal issues

Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-10-22 21:14:09 UTC (rev 10152)
+++ data/CVE/list	2008-10-23 18:15:25 UTC (rev 10153)
@@ -1,3 +1,10 @@
+CVE-2008-XXXX [local file inclusion in drupal]
+	- drupal6 <unfixed> (low; bug #503222)
+	- drupal5 <unfixed> (low; bug #503217)
+CVE-2008-XXXX [XSS in book module in drupal]
+	- drupal6 <unfixed> (low; bug #503222)
+	- drupal5 <unfixed> (low; bug #503217)
+	TODO: check if druapal5 really has this vulnerability, the code looks
different
 CVE-2008-4676 (Unspecified vulnerability in Citrix XenApp (formerly
Presentation ...)
 	TODO: check
 CVE-2008-4675 (SQL injection vulnerability in index.php in PHPcounter 1.3.2 and
...)

Secure testing commits - Oct 2008 - r10153 - data/CVE

[Secure-testing-commits] r10153 - data/CVE