Oval Definition:
oval:org.mitre.oval:def:8025
Revision Date
:
2014-06-23
Version
:
17
Title
:
DSA-1829 sork-passwd-h3 -- insufficient input sanitising
Description
:
It was discovered that sork-passwd-h3, a Horde3 module for users to change their password, is prone to a cross-site scripting attack via the backend parameter.
Family
:
unix
Class
:
patch
Status
:
ACCEPTED
Reference(s)
:
CVE-2009-2360
DSA-1829
Platform(s)
:
Debian GNU/Linux 4.0
Debian GNU/Linux 5.0
Product(s)
:
sork-passwd-h3
Definition Synopsis
Release section
Debian GNU/Linux 5.0 is installed
AND
Installed architecture is all
AND
sork-passwd-h3 is earlier than 3.0-2+lenny1
OR
Release section
Debian GNU/Linux 4.0 is installed.
AND
Installed architecture is all
AND
sork-passwd-h3 is earlier than 3.0-2+etch1
BACK