diff options
| author | miwi <miwi@FreeBSD.org> | 2009-01-03 20:35:32 +0800 |
|---|---|---|
| committer | miwi <miwi@FreeBSD.org> | 2009-01-03 20:35:32 +0800 |
| commit | 856731120e9ec0540fe6a7e1dbee5b25cc90db3f (patch) | |
| tree | e7a7e5a376dc3cc1d8d5b23b03fab38998868420 /security/vuxml | |
| parent | 402f6a432f0f902eb0e6b195107a8142ae025f79 (diff) | |
| download | freebsd-ports-gnome-856731120e9ec0540fe6a7e1dbee5b25cc90db3f.tar.gz freebsd-ports-gnome-856731120e9ec0540fe6a7e1dbee5b25cc90db3f.tar.zst freebsd-ports-gnome-856731120e9ec0540fe6a7e1dbee5b25cc90db3f.zip | |
- Cleanup (fix whitespaces, typos)
Diffstat (limited to 'security/vuxml')
| -rw-r--r-- | security/vuxml/vuln.xml | 25 |
1 files changed, 12 insertions, 13 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 2d52d0b504e7..da39d9d9152d 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -46,13 +46,12 @@ Note: Please add new entries to the beginning of this file. <description> <body xmlns="http://www.w3.org/1999/xhtml"> <p>Jan Lieskovsky reports:</p> - <blockquote - cite="http://www.openwall.com/lists/oss-security/2008/11/28/1"> - <p>perl-File-Path rmtree race condition (CVE-2005-0448 was - assigned to address this)</p> - <p>This vulnerability was fixed in 5.8.4-7 but re-introduced - in 5.8.8-1. It's also present in File::Path 2.xx, up to and - including 2.07 which has only a partial fix.</p> + <blockquote cite="http://www.openwall.com/lists/oss-security/2008/11/28/1"> + <p>perl-File-Path rmtree race condition (CVE-2005-0448 was assigned to + address this)</p> + <p>This vulnerability was fixed in 5.8.4-7 but re-introduced + in 5.8.8-1. It's also present in File::Path 2.xx, up to and + including 2.07 which has only a partial fix.</p> </blockquote> </body> </description> @@ -128,13 +127,13 @@ Note: Please add new entries to the beginning of this file. <blockquote cite="http://www.coresecurity.com/content/vinagre-format-string"> <p>A format string error has been found on the - vinagre_utils_show_error() function that can be exploited via - commands issued from a malicious server containing format - string specifiers on the VNC name.</p> + vinagre_utils_show_error() function that can be exploited via + commands issued from a malicious server containing format + string specifiers on the VNC name.</p> <p>In a web based attack scenario, the user would be required - to connect to a malicious server. Successful exploitation - would then allow the attacker to execute arbitrary code with - the privileges of the Vinagre user.</p> + to connect to a malicious server. Successful exploitation + would then allow the attacker to execute arbitrary code with + the privileges of the Vinagre user.</p> </blockquote> </body> </description> |