aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorsimon <simon@FreeBSD.org>2005-07-09 05:17:12 +0800
committersimon <simon@FreeBSD.org>2005-07-09 05:17:12 +0800
commite6f206e725d562f6bc178860152384b028629a3e (patch)
tree7c60ab39282695ced44355210a3c5745b3767b56
parent983809a909d44dde41db97e9f1f660b0d4ba8e53 (diff)
downloadfreebsd-ports-graphics-e6f206e725d562f6bc178860152384b028629a3e.tar.gz
freebsd-ports-graphics-e6f206e725d562f6bc178860152384b028629a3e.tar.zst
freebsd-ports-graphics-e6f206e725d562f6bc178860152384b028629a3e.zip
Document pear-XML_RPC -- information disclosure vulnerabilities.
-rw-r--r--security/vuxml/vuln.xml31
1 files changed, 31 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index ba0caefc129..14cc7c29762 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -32,6 +32,37 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="b64481d9-eff4-11d9-8310-0001020eed82">
+ <topic>pear-XML_RPC -- information disclosure
+ vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>pear-XML_RPC</name>
+ <range><lt>1.3.2</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>The pear-XML_RPC release notes reports that the following
+ issues has been fixed:</p>
+ <blockquote cite="http://pear.php.net/package/XML_RPC/download/1.3.2">
+ <p>Eliminate path disclosure vulnerabilities by suppressing
+ error messages when eval()'ing.</p>
+ <p>Eliminate path disclosure vulnerability by catching bogus
+ parameters submitted to
+ <code>XML_RPC_Value::serializeval()</code>.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>http://pear.php.net/package/XML_RPC/download/1.3.2</url>
+ </references>
+ <dates>
+ <discovery>2005-07-07</discovery>
+ <entry>2005-07-08</entry>
+ </dates>
+ </vuln>
+
<vuln vid="9a035a56-eff0-11d9-8310-0001020eed82">
<topic>ekg -- insecure temporary file creation</topic>
<affects>