ソフト名:ATutor 1.0/2.0
回避策:Patch 07にて対応
脆弱性:XSS, 認証資格情報の奪取
ソース:http://www.atutor.ca/atutor/
http://www.htbridge.ch/advisory/xss_vulnerability_in_atutor_edit_content_folder.html
http://www.htbridge.ch/advisory/xss_vulnerability_in_atutor_1.html
http://www.securityfocus.com/bid/43241
http://secunia.com/advisories/41468
危険性:Medium Risk
2010-07-23
ATutor
ソフト名:ATutor 2.0
回避策:未対応
脆弱性:CSRF, XSS, Webキャッシュ汚染
ソース:http://www.atutor.ca/atutor/
http://cross-site-scripting.blogspot.com/2010/07/atutor-20-cross-site-request-forgery.html
http://www.vupen.com/english/advisories/2010/1722
危険性:Medium Risk
回避策:未対応
脆弱性:CSRF, XSS, Webキャッシュ汚染
ソース:http://www.atutor.ca/atutor/
http://cross-site-scripting.blogspot.com/2010/07/atutor-20-cross-site-request-forgery.html
http://www.vupen.com/english/advisories/2010/1722
危険性:Medium Risk
2010-07-21
ATutor
ソフト名:ATutor 1.6.4
回避策:未対応
脆弱性:SQLインジェクション
ソース:http://www.atutor.ca/atutor/
http://www.vupen.com/english/advisories/2010/0973
危険性:Medium Risk
回避策:未対応
脆弱性:SQLインジェクション
ソース:http://www.atutor.ca/atutor/
http://www.vupen.com/english/advisories/2010/0973
危険性:Medium Risk
2010-03-16
ATutor
ソフト名:ATutor 1.6.4
回避策:未対応
脆弱性:XSS
ソース:http://www.atutor.ca/atutor/
http://www.exploit-db.com/exploits/11685
http://www.securityfocus.com/bid/38656
http://secunia.com/advisories/38906
危険性:Medium Risk
回避策:未対応
脆弱性:XSS
ソース:http://www.atutor.ca/atutor/
http://www.exploit-db.com/exploits/11685
http://www.securityfocus.com/bid/38656
http://secunia.com/advisories/38906
危険性:Medium Risk
登録:
投稿 (Atom)
