[VIM] [CVENEW] New CVE CANs: 2013/03/13 16:48 ; count=2

coley at mitre.org coley at mitre.org
Wed Mar 13 15:53:20 CDT 2013


======================================================
Name: CVE-2013-0312
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0312
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20121206
Category: 
Reference: MISC:https://bugzilla.redhat.com/show_bug.cgi?id=912964
Reference: MISC:https://fedorahosted.org/389/ticket/571
Reference: CONFIRM:http://directory.fedoraproject.org/wiki/Releases/1.3.0.4
Reference: REDHAT:RHSA-2013:0628
Reference: URL:http://rhn.redhat.com/errata/RHSA-2013-0628.html
Reference: BID:58428
Reference: URL:http://www.securityfocus.com/bid/58428
Reference: SECUNIA:52279
Reference: URL:http://secunia.com/advisories/52279
Reference: SECUNIA:52568
Reference: URL:http://secunia.com/advisories/52568

389 Directory Server before 1.3.0.4 allows remote attackers to cause a
denial of service (crash) via a zero length LDAP control sequence.



======================================================
Name: CVE-2013-1469
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1469
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130129
Category: 
Reference: BUGTRAQ:20130227 Multiple Vulnerabilities in Piwigo
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2013-02/0153.html
Reference: EXPLOIT-DB:24561
Reference: URL:http://www.exploit-db.com/exploits/24561
Reference: MISC:http://packetstormsecurity.com/files/120592/Piwigo-2.4.6-Cross-Site-Request-Forgery-Traversal.html
Reference: MISC:http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5127.php
Reference: MISC:https://www.htbridge.com/advisory/HTB23144
Reference: CONFIRM:http://piwigo.org/bugs/view.php?id=0002843
Reference: CONFIRM:http://piwigo.org/forum/viewtopic.php?id=21470
Reference: CONFIRM:http://piwigo.org/releases/2.4.7

Directory traversal vulnerability in install.php in Piwigo before
2.4.7 allows remote attackers to read and delete arbitrary files via a
.. (dot dot) in the dl parameter.





More information about the VIM mailing list