[VIM] possible vendor fix of tinyMuw issues

Steven M. Christey coley at mitre.org
Tue Jun 13 16:40:29 EDT 2006


Refs: CVE-2006-2970, CVE-2006-2969

FRSIRT:ADV-2006-2310 says the issue is fixed in the latest downloads,
but the available version number is the same as the version that was
reported to be vulnerable.  A download of the source code suggests
that 2 key files were modified after the original disclosure date,
which is also after the original release date for the affected
version.  A quick glance at the source code suggests protection
mechanisms are in place for the related issues (things like die "HACK
ATTEMPT!").  I sent an email to the vendor just to confirm that the
issues have been fixed.

- Steve


======================================================
Name: CVE-2006-2969
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2969
Reference: BUGTRAQ:20060609 TinyMuw v1.0 - XSS
Reference: URL:http://www.securityfocus.com/archive/1/archive/1/436640/100/0/threaded

Cross-site scripting (XSS) vulnerability in L0j1k tinyMuw 0.1.0 allows
remote attackers to inject arbitrary web script or HTML via a
javascript URI in the SRC attribute of an IMG element in the input box
in quickchat.php, and possibly other manipulations.


======================================================
Name: CVE-2006-2970
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2970
Reference: BUGTRAQ:20060609 TinyMuw v1.0 - XSS
Reference: URL:http://www.securityfocus.com/archive/1/archive/1/436640/100/0/threaded

videoPage.php in L0j1k tinyMuw 0.1.0 allows remote attackers to obtain
sensitive information via a certain id parameter, probably with an
invalid value, which reveals the path in an error message.
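As an added example, not code from tinyMuw or from the post above, the following Python (the project itself is PHP) shows the kind of input handling that neutralizes the CVE-2006-2969 vector: user-submitted chat markup is parsed, only a small whitelist of tags is kept, and an IMG SRC is emitted only when it is an absolute http(s) URL. The whitelist (b, i, img), the scheme list and the sample messages are assumptions made for this example. Because the parser unescapes attribute values before the check, entity-encoded or whitespace-padded forms of a javascript: scheme are rejected as well, which is the general case of which the CVE describes one instance.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed policy for this example: minimal formatting plus images.
ALLOWED_TAGS = {"b", "i", "img"}
ALLOWED_SCHEMES = {"http", "https"}


def safe_image_url(value):
    """Return True only for an absolute http(s) URL.

    Browsers ignore ASCII control characters and leading whitespace when
    they read a URL scheme, so those are stripped before the check;
    otherwise "java\\tscript:" or " javascript:" would slip past a naive
    prefix test.  Relative and protocol-relative URLs are rejected too.
    """
    cleaned = "".join(ch for ch in value if ord(ch) > 0x20)
    try:
        parts = urlsplit(cleaned)  # urlsplit lowercases the scheme
    except ValueError:
        return False
    return parts.scheme in ALLOWED_SCHEMES and bool(parts.netloc)


class ChatSanitizer(HTMLParser):
    """Rebuild a chat message from a whitelist, dropping everything else."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self._muted = 0  # > 0 while inside <script>/<style> content

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self._muted += 1
        elif tag == "img":
            # HTMLParser has already decoded entities in the attribute,
            # so "javascript&#58;..." arrives here as "javascript:...".
            src = dict(attrs).get("src") or ""
            if safe_image_url(src):
                self.out.append('<img src="%s">' % escape(src, quote=True))
            # an img with a rejected src is dropped entirely
        elif tag in ALLOWED_TAGS:
            self.out.append("<%s>" % tag)  # attributes (onclick, ...) dropped
        # any other tag (iframe, object, ...) is dropped

    def handle_endtag(self, tag):
        if tag in ("script", "style"):
            self._muted = max(0, self._muted - 1)
        elif tag in ALLOWED_TAGS and tag != "img":
            self.out.append("</%s>" % tag)

    def handle_data(self, data):
        if not self._muted:
            self.out.append(escape(data, quote=True))


def sanitize_chat_message(raw):
    """Return the sanitized HTML for one user-submitted chat message."""
    parser = ChatSanitizer()
    parser.feed(raw)
    parser.close()
    return "".join(parser.out)


if __name__ == "__main__":
    # Constructed sample messages; the first mirrors the CVE vector.
    for msg in [
        '<img src="javascript:alert(1)">',
        '<img src="javascript&#58;alert(1)">',
        '<img src="http://example.com/a.png" onerror="alert(1)">',
        '<b onclick="x()">hi</b> <script>alert(1)</script>',
    ]:
        print(repr(msg), "->", repr(sanitize_chat_message(msg)))
```

Escaping the text nodes on output, rather than trusting the input, is what keeps the parser simple: nothing the parser did not explicitly re-emit can reach the page.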

