diff options
author | Remko Lodder <remko@FreeBSD.org> | 2006-04-05 20:00:17 +0000 |
---|---|---|
committer | Remko Lodder <remko@FreeBSD.org> | 2006-04-05 20:00:17 +0000 |
commit | a0ddc702a370da6bbc28d1e7e0105794a88defa9 (patch) | |
tree | b7dd083cf6317bae749aff19a098758da6552673 /security/vuxml/vuln.xml | |
parent | fc258f1004e6c8fad3d887fdd84a8fd8167eee84 (diff) | |
download | ports-a0ddc702a370da6bbc28d1e7e0105794a88defa9.tar.gz ports-a0ddc702a370da6bbc28d1e7e0105794a88defa9.zip |
Notes
Diffstat (limited to 'security/vuxml/vuln.xml')
-rw-r--r-- | security/vuxml/vuln.xml | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 890ff0493dfd..6fbce8380a7e 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,36 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="99015cf5-c4dd-11da-b2fb-000e0c2e438a"> + <topic>mediawiki -- hardcoded placeholder string security bypass + vulnerability</topic> + <affects> + <package> + <name>mediawiki</name> + <range><lt>1.5.4</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The mediawiki development team reports a vulnerability + within the mediawiki application. The vulnerability is + caused by improper checking of inline style attributes. This + could result in the execution of arbitrary javascript code in + Microsoft Internet Explorer. It appears that other browsers + are not affected by this vulnerability.</p> + </body> + </description> + <references> + <bid>16032</bid> + <cvename>CAN-2005-4501</cvename> + <url>http://sourceforge.net/project/shownotes.php?release_id=379951</url> + </references> + <dates> + <discovery>2005-12-22</discovery> + <entry>2006-04-05</entry> + </dates> + </vuln> + <vuln vid="ae9fb0d7-c4dc-11da-b2fb-000e0c2e438a"> <topic>netpbm -- buffer overflow in pnmtopng</topic> <affects> |