[Secure-testing-commits] r19047 - data/CVE

Florian Weimer Tue, 24 Apr 2012 02:17:51 -0700

Author: fw
Date: 2012-04-24 09:17:01 +0000 (Tue, 24 Apr 2012)
New Revision: 19047


Modified:
   data/CVE/list
Log:
CVE-2011-5083: dotclear bug filed


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2012-04-24 09:09:07 UTC (rev 19046)
+++ data/CVE/list       2012-04-24 09:17:01 UTC (rev 19047)
@@ -1376,8 +1376,8 @@
        - vlc <unfixed>
        TODO: check
 CVE-2011-5083 (Unrestricted file upload vulnerability in inc/swf/swfupload.swf 
in ...)
-       - dotclear <unfixed>
-       TODO: check
+       - dotclear <unfixed> (low; bug #670227)
+       NOTE: Post-authentication; vulnerability is actually in admin/media.php.
 CVE-2012-1790 (Absolute path traversal vulnerability in Webgrind 1.0 and 1.0.2 
allows ...)
        NOT-FOR-US: Webgrind
 CVE-2012-1789 (Multiple cross-site scripting (XSS) vulnerabilities in Kongreg8 
1.7.3 ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r19047 - data/CVE

Reply via email to