Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 3 Jun 2014 00:48:48 -0400 (EDT)
From: cve-assign@...re.org
To: henri@...v.fi
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE ID request: typo3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-007/

Use CVE-2014-3947 for "upload files with specially crafted file
extensions, which could be executed as PHP files."

Use CVE-2014-3948 for XSS.


> http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-008/

Use CVE-2014-3949.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJTjVLoAAoJEKllVAevmvms2kkH/1ZS6qcBODDxbxu7qvNX9TI6
01WrL/lDfDSJB2MKXbWH6+rcHAvU3ZG8R/w78zjVztJlvKbMY45lZnyOtsX9Jsd1
LS55DEgOCArk17XrLe2trGa/gcXhUS/NpLJ6hI747rZ1YiDGcRCIG9akpebodDaU
VjM0VgC2nli1Il7POr1gqriV04LDABZRcm9n+qM0PA+RR7Qvlb3Fs0AsNdUJH0PK
yhKg4e/aEn2OVtFvAVAaYjvt8lxb/FK/Z16wF/Vi9jeOjg2ZOTN3Qf33r7u3eAwi
5JKp4EpRrt/GuosJq9ALkfZa4RnUH/ybpjiSScni4Z5R9Ud1SrWnfSOlmLzBOhw=
=go2c
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ