diff options
| author | tabthorpe <tabthorpe@FreeBSD.org> | 2009-01-25 08:56:17 +0800 |
|---|---|---|
| committer | tabthorpe <tabthorpe@FreeBSD.org> | 2009-01-25 08:56:17 +0800 |
| commit | ae0790b193d80a0fc2bf7c48ca366bf08d95ef61 (patch) | |
| tree | 05d153e12c3a1b030fdc5a5dfd9761938ba51e39 /security | |
| parent | ea78d751c86303adc2a6924e90b32610b308f9b0 (diff) | |
| download | freebsd-ports-gnome-ae0790b193d80a0fc2bf7c48ca366bf08d95ef61.tar.gz freebsd-ports-gnome-ae0790b193d80a0fc2bf7c48ca366bf08d95ef61.tar.zst freebsd-ports-gnome-ae0790b193d80a0fc2bf7c48ca366bf08d95ef61.zip | |
- Document openfire -- multiple vulnerabilities
PR: ports/130606
Submitted by: Mark Foster <mark foster.cc>
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 8a4b2c03377d..25ee97da1921 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,43 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="c3aba586-ea77-11dd-9d1e-000bcdc1757a"> + <topic>openfire -- multiple vulnerabilities</topic> + <affects> + <package> + <name>openfire</name> + <range><lt>3.6.3</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Core Security Technologies reports:</p> + <blockquote + cite="http://www.coresecurity.com/content/openfire-multiple-vulnerabilities"> + <p>Multiple cross-site scripting vulnerabilities have been found + which may lead to arbitrary remote code execution on the server + running the application due to unauthorized upload of Java plugin + code.</p> + </blockquote> + </body> + </description> + <references> + <url>http://www.coresecurity.com/content/openfire-multiple-vulnerabilities</url> + <bid>32935</bid> + <bid>32937</bid> + <bid>32938</bid> + <bid>32939</bid> + <bid>32940</bid> + <bid>32943</bid> + <bid>32944</bid> + <bid>32945</bid> + </references> + <dates> + <discovery>2009-01-08</discovery> + <entry>2009-01-25</entry> + </dates> + </vuln> + <vuln vid="abcacb5a-e7f1-11dd-afcd-00e0815b8da8"> <topic> ipset-tools -- Denial of Service Vulnerabilities</topic> <affects> |