Nome do pacote
phpldapadmin
Data
2012-02-15
ID Alerta
MDVSA-2012:020
Versões afetadas
MES5 i586 , MES5 x86_64

Descrição do problema

A vulnerability has been found and corrected in phpldapadmin:

Cross-site scripting (XSS) vulnerability in lib/QueryRender.php in
phpLDAPadmin 1.2.2 and earlier allows remote attackers to inject
arbitrary web script or HTML via the base parameter in a query_engine
action to cmd.php (CVE-2012-0834).

The updated packages have been patched to correct this issue.

Pacotes atualizados

MES5 i586

 b4099f71ab2b3ac8052b23f6c6ad8551  mes5/i586/phpldapadmin-1.2.2-0.3mdvmes5.2.noarch.rpm 
 61cf472322320166cdcfcf80df160402  mes5/SRPMS/phpldapadmin-1.2.2-0.3mdvmes5.2.src.rpm

MES5 x86_64

 e6431121604ed1e8409853c75c40f51b  mes5/x86_64/phpldapadmin-1.2.2-0.3mdvmes5.2.noarch.rpm 
 61cf472322320166cdcfcf80df160402  mes5/SRPMS/phpldapadmin-1.2.2-0.3mdvmes5.2.src.rpm

Referências