Date: Sun, 8 Feb 2009 17:29:30 GMT From: Mark Foster <mark@foster.cc> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/131508: vuxml submission for www/amaya Message-ID: <200902081729.n18HTUYn049847@www.freebsd.org> Resent-Message-ID: <200902081730.n18HU2WN067882@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 131508 >Category: ports >Synopsis: vuxml submission for www/amaya >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Sun Feb 08 17:30:02 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Mark Foster >Release: 7.1 RELEASE >Organization: Credentia >Environment: >Description: >How-To-Repeat: >Fix: <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; <vuln vid="690f7d4f-7084-4890-a39e-2852c6732c2c"> <topic>amaya -- Amaya web editor XML and HTML parser vulnerabilities</topic> <affects> <package> <name>amaya</name> <range><le>11.0</le></range> </package> </affects> <description> <body xmlns="http://www.w3.org/1999/xhtml">; <p>CoreSecurity reports:</p> <blockquote cite="http://www.coresecurity.com/content/amaya-buffer-overflows">; <p>Amaya is the W3Cs Web editor/browser a tool used to create and update documents directly on the Web. Multiple stack buffer overflow vulnerabilities have been discovered in Amaya which can be exploited by unauthorized people using crafted web pages to compromise a users system.</p> </blockquote> </body> </description> <references> <url>http://www.coresecurity.com/content/amaya-buffer-overflows</url>; <bid>500492</bid> </references> <dates> <discovery>2009-01-28</discovery> <entry>2009-02-08</entry> </dates> </vuln> >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200902081729.n18HTUYn049847>