diff options
| author | simon <simon@FreeBSD.org> | 2005-01-09 04:18:16 +0800 |
|---|---|---|
| committer | simon <simon@FreeBSD.org> | 2005-01-09 04:18:16 +0800 |
| commit | 6c381208b02051581327afdfdb6003209ca63642 (patch) | |
| tree | 4e9142986fa0a0c59791a480217a5915f8820200 /security | |
| parent | 5719160ee031e3f23a576eee004df2670303b631 (diff) | |
| download | freebsd-ports-gnome-6c381208b02051581327afdfdb6003209ca63642.tar.gz freebsd-ports-gnome-6c381208b02051581327afdfdb6003209ca63642.tar.zst freebsd-ports-gnome-6c381208b02051581327afdfdb6003209ca63642.zip | |
Document format string vulnerability in dillo.
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 87bb69d0ae76..d8979b37dc6e 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -32,6 +32,31 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="28ab7ddf-61ab-11d9-a9e7-0001020eed82"> + <topic>dillo -- format string vulnerability</topic> + <affects> + <package> + <name>dillo</name> + <range><lt>0.8.3_1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>dillo contains a format string vulnerability which could + lead to execution of arbitrary code simply by viewing a web + page or opening a HTML file.</p> + </body> + </description> + <references> + <cvename>CAN-2005-0012</cvename> + <url>http://bugs.gentoo.org/show_bug.cgi?id=76665</url> + </references> + <dates> + <discovery>2005-01-04</discovery> + <entry>2005-01-08</entry> + </dates> + </vuln> + <vuln vid="f92e1bbc-5e18-11d9-839a-0050da134090"> <topic>tnftp -- mget does not check for directory escapes</topic> <affects> |