[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 14 Dec 2009 11:58:30 -0500
From: Anthon Pang <anthon.pang@...il.com>
To: oss-security@...ts.openwall.com
Subject: CVE Request - Open Flash Chart v2
The Piwik project released an advisory re: the inclusion of
ofc_upload_image.php -- a potentially exploitable file from the
php-ofc-library offered by the Open Flash Chart project.
- http://piwik.org/blog/2009/10/piwik-response-to-secunia-advisory-sa37078/
Since Open Flash Chart is used by web sites and open source projects,
a common CVE makes sense.
Open Flash Chart: Affected v2 Beta 1 through v2 Lug Wyrm Charmer. Fixed: no
Piwki: Affected: 0.2.35 through 0.4.3. Fixed in 0.4.4. (Removed file)
Open Web Analytics: Affected: 1.2. Fixed in svn. (Removed file)
Other web sites/projects:
- http://www.google.com/search?q=php-ofc-library+ofc_upload_image.php+-piwik
- http://www.google.com/codesearch?q=ofc_upload_image.php
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
