oss-sec mailing list archives
CVE request: eZ Publish: unspecified vulnerability
From: Luc ABRIC <luc.abric () oppida fr>
Date: Thu, 15 Mar 2012 08:59:56 +0000
Hi, We identified 2 critical vulnerabilities affecting the eZ Publish application in both commercial and community edition. eZ Systems Enterprise just opened the following issue regarding the most critical vulnerability: http://issues.ez.no/19238 The 2nd issue will lead to another item in the bugtracker as soon as its confirmed by eZ. Is it enough to request a CVE ID, at least for the first issue? We're waiting for the editor to roll out a fix before releasing more details (including our exploit). Regards, Luc ABRIC. IT Security Expert at Oppida 6 avenue du Vieil Etang - Bâtiment B 78180 Montigny-le-Bretonneux Phone: +33 (0)1 30 14 19 00 Fax: +33 (0)1 30 14 19 09 Mobile: +33 (0)6 26 87 62 14 Mail: luc.abric () oppida fr Website: www.oppida.fr
Current thread:
- CVE request: eZ Publish: unspecified vulnerability Luc ABRIC (Mar 15)
- Re: CVE request: eZ Publish: unspecified vulnerability Kurt Seifried (Mar 15)
- Re: CVE request: eZ Publish: unspecified vulnerability Solar Designer (Mar 15)
- Re: CVE request: eZ Publish: unspecified vulnerability Kurt Seifried (Mar 15)