Re: [HSC] Dokeos Multiple Cross-Site Scripting Vulnerabilities

From: yannick.warnier@xxxxxxxxxx
Date: 24 Dec 2007 11:29:57 -0000

Thanks for reporting it. We are currently issuing a patch for this vulnerability and another one (related to PHP file upload) which should be out on the 25th.

Yannick
Lead Dev

Prev by Date: [waraxe-2007-SA#060] - Sensitive info disclosure in CuteNews <= 1.4.5
Next by Date: PHP <= 5.2.5 Safe Mode Bypass
Previous by thread: [HSC] Dokeos Multiple Cross-Site Scripting Vulnerabilities
Next by thread: pdflib long filename multiple bufferoverflows
Index(es):
- Date
- Thread

Relevant Pages

Re: Download.ject - commentary - LONG
... > patch recently released by Microsoft. ... > vulnerability in question, but instead is just a partial workaround. ... > Granted these are known security best practices related to Internet ... > a new default browser to users and hope that it will be safe enough. ...
(microsoft.public.win2000.security)
Vulnerability Details for MS02-012
... Microsoft released a patch for a denial of service ... vulnerability in the Windows 2000 SMTP component. ... This bug affects all Windows 2000 systems running the SMTP service that have ...
(Bugtraq)
Microsoft Security Bulletin MS01-044
... Subject: Microsoft Security Bulletin MS01-044 ... 15 August 2001 Cumulative Patch for IIS ... - A denial of service vulnerability that could enable an attacker ...
(Bugtraq)
[NT] 15 August 2001 Cumulative Patch for IIS
... Microsoft has released an important patch for IIS administrators. ... * A denial of service vulnerability that could enable an attacker to ...
(Securiteam)
McAfee ePolicy Orchestrator Format String Vulnerability (a031703-1)
... ePolicy Orchestrator Format String Vulnerability ... on the host they wish to compromise. ... The vendor has made a patch available. ...
(Bugtraq)