Author: nion Date: 2008-02-05 16:13:43 +0000 (Tue, 05 Feb 2008) New Revision: 8079 Modified: data/CVE/list Log: new issue: wordpress, cve id pending Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-02-05 12:16:13 UTC (rev 8078) +++ data/CVE/list 2008-02-05 16:13:43 UTC (rev 8079) @@ -1,3 +1,9 @@ +CVE-2008-XXXX [unauthorized content modification via xml-rpc in wordpress] + - wordpress <unfixed> (medium; bug #464170) + NOTE: The blog has to provide user accounts + NOTE: A crafted XML-RPC request referring to a valid user can exploit this + NOTE: CVE id pending + TODO: check if packages embedding xmlrpc share this code CVE-2008-0553 [buffer overflow in tk GIF handling] - tk8.5 8.5.0-3 - tk8.4 8.4.17-2