thr3ads.net - Secure testing commits - [Secure-testing-commits] r14887

If this information is useful, please help other people find it:
Share via:

Nico Golde

2010-Jun-20 12:08 UTC

[Secure-testing-commits] r14887 - data/CVE

Author: nion
Date: 2010-06-20 12:08:54 +0000 (Sun, 20 Jun 2010)
New Revision: 14887

Modified:
   data/CVE/list
Log:
adjusting impact of CVE-2010-1648/CVE-2010-1647, we usually use low for web
related issues with this kind of impact

Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-06-19 22:40:58 UTC (rev 14886)
+++ data/CVE/list	2010-06-20 12:08:54 UTC (rev 14887)
@@ -1640,10 +1640,10 @@
 CVE-2010-1649 (Multiple cross-site scripting (XSS) vulnerabilities in the back
end in ...)
 	NOT-FOR-US: Joomla
 CVE-2010-1648 (Cross-site request forgery (CSRF) vulnerability in the login
interface ...)
-	- mediawiki <unfixed> (bug #585918; medium)
+	- mediawiki <unfixed> (bug #585918; low)
 	NOTE:
http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-May/000091.html
 CVE-2010-1647 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.15
before ...)
-	- mediawiki <unfixed> (bug #585918; medium)
+	- mediawiki <unfixed> (bug #585918; low)
 	NOTE:
http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-May/000091.html
 CVE-2010-1646 (The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22
and ...)
 	{DSA-2062-1}

Secure testing commits - Jun 2010 - r14887 - data/CVE

[Secure-testing-commits] r14887 - data/CVE