aboutsummaryrefslogtreecommitdiffstats
path: root/security/vuxml/vuln.xml
diff options
context:
space:
mode:
Diffstat (limited to 'security/vuxml/vuln.xml')
-rw-r--r--security/vuxml/vuln.xml31
1 files changed, 31 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 9396cced792e..692cb35ba07b 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -34,6 +34,37 @@ Note: Please add new entries to the beginning of this file.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="e848a92f-0e7d-11de-92de-000bcdc1757a">
+ <topic>epiphany -- untrusted search path vulnerability</topic>
+ <affects>
+ <package>
+ <name>epiphany</name>
+ <range><lt>2.24.2.1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>CVE Mitre reports:</p>
+ <blockquote cite="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5985">
+ <p>Untrusted search path vulnerability in the Python interface in
+ Epiphany 2.22.3, and possibly other versions, allows local users to
+ execute arbitrary code via a Trojan horse Python file in the current
+ working directory, related to a vulnerability in the PySys_SetArgv
+ function (CVE-2008-5983).
+ </p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2008-5985</cvename>
+ <cvename>CVE-2008-5983</cvename>
+ </references>
+ <dates>
+ <discovery>2009-01-26</discovery>
+ <entry>2009-03-11</entry>
+ </dates>
+ </vuln>
+
<vuln vid="f1892066-0e74-11de-92de-000bcdc1757a">
<topic>apache -- Cross-site scripting vulnerability</topic>
<affects>