1 |
boklm |
7 |
ID: MGASA-2013-0163 |
2 |
|
|
pubtime: 1370521473 |
3 |
|
|
type: security |
4 |
|
|
src: |
5 |
boklm |
12 |
2: |
6 |
boklm |
7 |
core: |
7 |
|
|
- php-geshi-1.0.8.11-1.mga2 |
8 |
|
|
CVE: |
9 |
|
|
- CVE-2012-3251 |
10 |
|
|
- CVE-2012-3522 |
11 |
|
|
subject: Updated php-geshi package fix security vulnerabilities |
12 |
|
|
description: | |
13 |
|
|
A directory traversal and information disclosure (local file inclusion) flaws |
14 |
|
|
were found in the cssgen contrib module (application to generate custom CSS |
15 |
|
|
files) of GeSHi, a generic syntax highlighter, performed sanitization of |
16 |
|
|
'geshi-path' and 'geshi-lang-path' HTTP GET / POST variables. A remote |
17 |
|
|
attacker could provide a specially-crafted URL that, when visited could lead |
18 |
|
|
to local file system traversal or, potentially, ability to read content of |
19 |
|
|
any local file, accessible with the privileges of the user running the |
20 |
|
|
webserver (CVE-2012-3251). |
21 |
|
|
|
22 |
|
|
A cross-site scripting (XSS) flaw was found in the way 'langwiz' example |
23 |
|
|
script of GeSHi, a generic syntax highlighter, performed sanitization of |
24 |
|
|
certain HTTP GET / POST request variables (prior dumping their content). A |
25 |
|
|
remote attacker could provide a specially-crafted URL that, when visited |
26 |
|
|
would lead to arbitrary HTML or web script execution (CVE-2012-3522). |
27 |
|
|
references: |
28 |
|
|
- http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105247.html |