LWN.net Logo

Advertisement

ThinLinc Terminal Server

Advanced thin client solution for Linux, based on Open Source. Mix Windows and Linux applications on the same desktop. V

Advertise here

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Interview: Kristen Carlson Accardi

LWN.net Weekly Edition for July 24, 2008

Tracing: no shortage of options

Interview: Wind River's John Bruggeman

LWN.net Weekly Edition for July 17, 2008

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

moin: multiple vulnerabilities

Package(s):moin CVE #(s):CVE-2007-2637 CVE-2008-0782 CVE-2008-1098 CVE-2008-1099
Created:March 10, 2008 Updated:April 29, 2008
Description:

From the Debian advisory:

CVE-2007-2637: Access control lists for calendars and includes were insufficiently enforced, which could lead to information disclosure.

CVE-2008-0782: A directory traversal vulnerability in cookie handling could lead to local denial of service by overwriting files.

CVE-2008-1098: Cross-site-scripting vulnerabilities have been discovered in the GUI editor formatter and the code to delete pages.

CVE-2008-1099: The macro code validates access control lists insufficiently, which could lead to information disclosure.

Alerts:
Debian DSA-1514-1 2008-03-09
Gentoo 200803-27 2008-03-18
Fedora FEDORA-2008-3328 2008-04-29
Fedora FEDORA-2008-3301 2008-04-29
(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds
Powered by Rackspace Managed Hosting.