Date: Mon, 14 Dec 2009 11:58:30 -0500 From: Anthon Pang <anthon.pang@...il.com> To: oss-security@...ts.openwall.com Subject: CVE Request - Open Flash Chart v2 The Piwik project released an advisory re: the inclusion of ofc_upload_image.php -- a potentially exploitable file from the php-ofc-library offered by the Open Flash Chart project. - http://piwik.org/blog/2009/10/piwik-response-to-secunia-advisory-sa37078/ Since Open Flash Chart is used by web sites and open source projects, a common CVE makes sense. Open Flash Chart: Affected v2 Beta 1 through v2 Lug Wyrm Charmer. Fixed: no Piwki: Affected: 0.2.35 through 0.4.3. Fixed in 0.4.4. (Removed file) Open Web Analytics: Affected: 1.2. Fixed in svn. (Removed file) Other web sites/projects: - http://www.google.com/search?q=php-ofc-library+ofc_upload_image.php+-piwik - http://www.google.com/codesearch?q=ofc_upload_image.php
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.