Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 17 Jul 2012 21:16:18 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE id request: libjs-swfupload

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/17/2012 01:46 PM, Nico Golde wrote:
> Hi, * Kurt Seifried <kseifried@...hat.com> [2012-07-17 21:43]: 
> [...] Thanks for the ids!
> 
>> Please use  CVE-2012-3415 for the libjs-swfupload CSRF issue
> 
> This should be plupload in case this has also been noted wrong in
> the CVE id description.
> 
> Cheers Nico
> 

Sorry got a little bit cutty and pasty instead of typing. Correct:

Please use  CVE-2012-3415 for the plupload CSRF issue

Vulnerability #2: CSRF in Plupload

The Plupload applet called Security.allowDomain('*') to allow the
applet to be used from any domain (so it could be served from S3, for
instance). That meant people could interact with the Plupload applet
from any other site on the Internet by embedding it on a page and
using JavaScript. But due to the way the same-origin policy works in
Flash, the applet could still make requests back to the domain on
which it was hosted. In addition, people can specify the full URL for
an upload request via JavaScript and the result of that request (ie:
the HTML of the resulting page) is passed back via JavaScript to the
embedding page.


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJQBiqCAAoJEBYNRVNeJnmTBu8P/RHCEtYcd7QsWGuaiRUrpRCy
XEK1x5beKZ8qc7YRb7qtEeNBSrnCk16TZ91WyX+V8E/hC5g+faj5J61DCOVNpd+T
jvKHEjOz5YA+nyFmKjQOIsFPmhpL0G2CD+3EZ8na8X7jEejJmg8b9rQ88x6Jqu20
s/juGiuUGlXf0JVLioRymGrFlxiPlnD1ilbcJmGAFTnYHd5C+Ss3jYrTG4v3NREg
y7SBML7KeFG8xd0lB7EuQ8ZGXKlwalPLbVCurcLROKCPsIf92LgKjMHcSMIs4t6u
fchhY8qQJVvcxnxrmlBVPnSOLUWNvcKBrAN96oi88KuYOxU/gHqFRSAK+mLgfrDj
XtE8MRv27+LJ1fxKGy6jjbh1JCXBaOylqeERe01PwmnOeEnX4m9RFkkK/hRNg6hp
JWEEfteV/LaP93ga6/fYo9jy/8dVT3ZF5DX/y9rbqrpF8KRRQ7awqT9oJZdUz8Co
rCs0Zey4i+BjGrfHRrNQdPYuQYZmE7v28RAsHLr+VpMFLM5Zlxq00lBUJmkBRH9X
uyy4yLSjdAxoM/84iXzzxVIcUJ+xYqAWIvScj+mejzTFqG7nzafAHJwBL9w1A3Zc
NhUIzkgvzZYWSmG966iINHGtuSt549jQzjcFXVXt1Qer1jWFRdWWGBINecsPbVFe
itJ1UYaxim9HgMbHD2RE
=ePvM
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.