Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 17 Jan 2015 12:15:41 +0100
From: Francisco Alonso <rs@...skills.cz>
To: oss-security@...ts.openwall.com
Subject: Re: CVE request: Reflected XSS / Content Spoofing in FlexPaper

Hi,

Any update about this?

On Tue, Jan 6, 2015 at 9:45 PM, Francisco Alonso <rs@...skills.cz> wrote:

> Hello,
>
> Can a CVE please be assigned to the following issue:
>
> FlexPaper Flash viewer Reflected XSS and Content Spoofing via Swfile
> parameter in FlexPaperViewer.swf file.
>
> Fixed via FlexPaper 2.3.1 Release.
>
> References:
> http://blog.flexpaper.org/post/105984224083/flexpaper-2-3-1-release-notes
> https://code.google.com/p/flexpaper/
> http://www.theregister.co.uk/2014/12/23/wikileaks_pdf_viewer_vuln/
>
> http://www.pcworld.com/article/2862812/flaw-in-opensource-pdf-viewer-could-put-wikileaks-users-others-at-risk.html
>
> Thanks,
>



-- 

Francisco Alonso.
http://twitter.com/revskills
PGP: 0xE2E64DCA
--

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ