Mandriva Linux Security Advisory 2011-082

0

Mandriva Linux Security Advisory 2011-082 – Multiple vulnerabilities have been found and corrected in python-feedparser. Cross-site scripting vulnerability in feedparser.py in Universal Feed Parser before 5.0 allows remote attackers to inject arbitrary web script or HTML via vectors involving nested CDATA stanzas. feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) before 5.0.1 allows remote attackers to cause a denial of service via a malformed DOCTYPE declaration. Cross-site scripting vulnerability in feedparser.py in Universal Feed Parser 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via malformed XML comments. Cross-site scripting vulnerability in feedparser.py in Universal Feed Parser 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via an unexpected URI scheme, as demonstrated by a javascript: URI. The updated packages have been patched to correct these issues.

Source: Mandriva Linux Security Advisory 2011-082

LAISSER UN COMMENTAIRE

S'il vous plaît entrez votre commentaire!
S'il vous plaît entrez votre nom ici

Notifiez-moi des commentaires à venir via e-mail. Vous pouvez aussi vous abonner sans commenter.

Ce site utilise Akismet pour réduire les indésirables. En savoir plus sur comment les données de vos commentaires sont utilisées.