Message-Id: <201101051224.40565.hanno@hboeck.de>
Date: Wed, 5 Jan 2011 12:24:40 +0100
From: Hanno Böck <hanno@...eck.de>
To: oss-security@...ts.openwall.com
Subject: CVE request: hastymail before 1.01 XSS
See
http://www.hastymail.org/security/
"Many thanks to Julien CAYSSOL who discovered and reported the issue. The
specific problem is an XSS attack vector in HTML formatted messages that takes
advantage of background attributes used with table cell elements. Due to an
incorrect implementation of the new htmLawed HTML filter this attribute value
was not properly sanitized and could be used to inject executable JavaScript.
This was NOT a flaw in the htmLawed filter code itself, but a problem with
its specific use in Hastymail2. The Hastymail2 1.01 release was packaged
specifically to address this one issue."
--
Hanno Böck Blog: http://www.hboeck.de/
GPG: 3DBD3B20 Jabber/Mail: hanno@...eck.de
http://schokokeks.org - professional webhosting
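As an added illustration of the class of filter the advisory describes (this is example code, not Hastymail2 or htmLawed code): an attribute filter that treats `background` on table cell elements as a URL-bearing attribute and keeps it only when the scheme, normalised the way a browser would see it, is http(s) or relative. The element list, the scheme allow-list and the sample markup are assumptions of this example.

```python
import html
import re
from html.parser import HTMLParser

BACKGROUND_ELEMENTS = {"body", "table", "tr", "td", "th"}  # carry legacy background=
SAFE_SCHEMES = {"", "http", "https"}  # "" means a relative URL
SCHEME_RE = re.compile(r"^([a-zA-Z][a-zA-Z0-9+.-]*):")

def url_scheme(value):
    # Browsers drop tab/newline anywhere and trim C0 controls/spaces at both ends,
    # so normalise the same way before reading the scheme ("" if relative).
    cleaned = re.sub(r"[\t\n\r]", "", value).strip("".join(map(chr, range(0x21))))
    match = SCHEME_RE.match(cleaned)
    return match.group(1).lower() if match else ""

class BackgroundFilter(HTMLParser):
    """Re-emits markup, dropping background= values that are not http(s)/relative."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.parts, self.dropped = [], []  # dropped: (tag, value) pairs, worth logging

    def handle_starttag(self, tag, attrs):
        kept = []
        for name, value in attrs:  # names are lower-cased, values entity-decoded
            if name == "background" and tag in BACKGROUND_ELEMENTS:
                if value is None or url_scheme(value) not in SAFE_SCHEMES:
                    self.dropped.append((tag, value))
                    continue
            kept.append((name, value))
        rendered = "".join(f' {n}="{html.escape(v)}"' if v is not None else f" {n}"
                           for n, v in kept)
        self.parts.append(f"<{tag}{rendered}>")

    def handle_endtag(self, tag):
        self.parts.append(f"</{tag}>")

    def handle_data(self, data):
        self.parts.append(html.escape(data, quote=False))

def sanitize_backgrounds(markup):
    """Return (filtered markup, list of dropped (tag, value) pairs)."""
    parser = BackgroundFilter()
    parser.feed(markup)
    parser.close()
    return "".join(parser.parts), parser.dropped

# Constructed sample: one real image path, two script-scheme values (one obfuscated).
SAMPLE = ('<table><tr><td background="images/paper.png">ok</td>'
          '<td background="javascript:alert(1)">bad</td>'
          '<td background=" JaVa&#9;ScRiPt:alert(1)">obfuscated</td></tr></table>')
```

The filter returns the dropped pairs so a mail client can log them; the obfuscated value still resolves to the `javascript` scheme because the entity-decoded tab and leading space are stripped before the check.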