FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-01 00:46:00 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
fc9e73b2-8685-11dd-bb64-0030843d3802	gallery -- multiple vulnerabilities Secunia reports: An error in the handing of ZIP archives with symbolic links can be exploited to disclose the contents of arbitrary files. Input from uploaded Flash animations is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which is executed in a user's browser session in context of an affected site when the malicious data is viewed. Discovery 2008-09-18 Entry 2008-09-19 Modified 2008-10-03 gallery < 1.5.9 gallery2 < 2.2.6 http://secunia.com/advisories/31912/ http://secunia.com/advisories/31858/

VuXML ID

Description

fc9e73b2-8685-11dd-bb64-0030843d3802

gallery -- multiple vulnerabilities

Secunia reports:

An error in the handing of ZIP archives with symbolic links can be exploited to disclose the contents of arbitrary files.

Input from uploaded Flash animations is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which is executed in a user's browser session in context of an affected site when the malicious data is viewed.

Discovery 2008-09-18
Entry 2008-09-19
Modified 2008-10-03
gallery

< 1.5.9

gallery2

< 2.2.6

http://secunia.com/advisories/31912/
http://secunia.com/advisories/31858/