FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  360546
Date:      2014-07-04
Time:      06:38:23Z
Committer: swills

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
ce680f0a-eea6-11e1-8bd8-0022156e8794squidclamav -- cross-site scripting in default virus warning pages

SquidClamav developers report:

This release fix several security issues by escaping CGI parameters.

Prior to versions 6.7 and 5.8, CGI script clwarn.cgi was not properly sanitizing input variables, so they could be used to inject arbitrary strings to the generated page, leading to the cross-site scripting attacks.


Discovery 2012-07-24
Entry 2012-08-25
squidclamav
lt 5.8

ge 6.0 lt 6.7

CVE-2012-4667
http://squidclamav.darold.net/news.html