On Fri, Aug 14, 2009 at 5:29 PM, Giuseppe Iuculano<[email protected]> wrote: > Yes, I checked against the PoC, but also upstream confirmed[1] that > > [1]http://wordpress.org/development/2007/04/wordpress-213-and-2010/
i still don't see CVE-2007-4483 claimed fixed there. so the difference bettween 1622 and 4483 is the affected file: wp-includes/vars.php vs. wp-content/themes/classic/index.php. hence, 4483 is specific to the classic theme, so you will need to test the proof-of-concept when using that theme. mike _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
