FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  374986
Date:      2014-12-20
Time:      00:21:30Z
Committer: delphij

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
e135f0c9-375f-11e3-80b7-20cf30e32f6dbugzilla -- multiple vulnerabilities

A Bugzilla Security Advisory reports:

Cross-Site Request Forgery

When a user submits changes to a bug right after another user did, a midair collision page is displayed to inform the user about changes recently made. This page contains a token which can be used to validate the changes if the user decides to submit his changes anyway. A regression in Bugzilla 4.4 caused this token to be recreated if a crafted URL was given, even when no midair collision page was going to be displayed, allowing an attacker to bypass the token check and abuse a user to commit changes on his behalf.

Cross-Site Request Forgery

When an attachment is edited, a token is generated to validate changes made by the user. Using a crafted URL, an attacker could force the token to be recreated, allowing him to bypass the token check and abuse a user to commit changes on his behalf.

Cross-Site Scripting

Some parameters passed to editflagtypes.cgi were not correctly filtered in the HTML page, which could lead to XSS.

Cross-Site Scripting

Due to an incomplete fix for CVE-2012-4189, some incorrectly filtered field values in tabular reports could lead to XSS.


Discovery 2013-10-16
Entry 2013-10-17
Modified 2014-04-30
bugzilla
ge 4.0.0 lt 4.0.11

bugzilla40
ge 4.0.0 lt 4.0.11

bugzilla42
ge 4.2.0 lt 4.2.7

bugzilla44
ge 4.4 lt 4.4.1

CVE-2013-1733
https://bugzilla.mozilla.org/show_bug.cgi?id=911593
CVE-2013-1734
https://bugzilla.mozilla.org/show_bug.cgi?id=913904
CVE-2013-1742
https://bugzilla.mozilla.org/show_bug.cgi?id=924802
CVE-2013-1743
https://bugzilla.mozilla.org/show_bug.cgi?id=924932