35e59726bc
"A vulnerability in Weex can be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system. The vulnerability is caused due to a format string error in the "log_flush()" function when flushing an error log entry that contains format string specifiers to disk. This may be exploited to execute arbitrary code on a user's system via a directory name containing format string specifiers. Successful exploitation requires that the attacker is able to create directories within the user's Weex home directory." http://secunia.com/advisories/17028/ Patch from FreeBSD PR ports/86833. |
||
|---|---|---|
| .. | ||
| patches | ||
| DESCR | ||
| distinfo | ||
| Makefile | ||
| PLIST | ||