Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 11 May 2012 09:31:04 +0000
From: Luc ABRIC <luc.abric@...ida.fr>
To: "'oss-security@...ts.openwall.com'" <oss-security@...ts.openwall.com>
CC: Karim SLAMANI <karim.slamani@...ida.fr>,
        Valérian PERRET <valerian.perret@...ida.fr>,
        Yann MICHARD
	<yann.michard@...ida.fr>
Subject: CVE-2012-1597: XSS in eZ Publish

Hi everyone,

eZ Publish just released details and fix for this XSS vulnerability that Yann MICHARD discovered a few months ago:
http://share.ez.no/community-project/security-advisories/ezsa-2012-006-xss-exploit-on-ezjscore-run-command-when-using-firefox
The advisory provides details about the fix itself.

Please update the CVE-2012-1597 details with those informations.

Regards,
Luc ABRIC
IT Security Expert

6 avenue du Vieil Etang - Bâtiment B
78180 Montigny-le-Bretonneux
Phone: +33 (0)1 30 14 19 00
Fax:       +33 (0)1 30 14 19 09
Mobile: +33 (0)6 26 87 62 14
luc.abric@...ida.fr

www.oppida.fr



Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.