Public bug reported:
Binary package hint: acidbase
Dear Colleagues,
Multiple cross-site scripting (XSS) vulnerabilities in base_qry_main.php
in Base Analysis and Security Engine (BASE) before 1.3.9 allow remote
attackers to inject arbitrary web script or HTML via the (1) sig[0] and
(2) sig[1] parameters.
** Affects: acidbase (Ubuntu)
Importance: Undecided
Assignee: Stephan Hermann (shermann)
Status: In Progress
** Affects: acidbase (Debian)
Importance: Unknown
Status: Unknown
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-6156
** Visibility changed to: Public
** Changed in: acidbase (Ubuntu)
Assignee: (unassigned) => Stephan Hermann (shermann)
Status: New => In Progress
** Bug watch added: Debian Bug tracker #453838
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453838
** Also affects: acidbase (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453838
Importance: Unknown
Status: Unknown
--
[CVE-2007-6156] cross site scripting vulnerability
https://bugs.launchpad.net/bugs/173646
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
