Advisories » MGASA-2013-0163

Updated php-geshi package fix security vulnerabilities

Publication date: 06 Jun 2013
Modification date: 18 Jun 2013
Type: security
Affected Mageia releases : 2
CVE: CVE-2012-3251 , CVE-2012-3522

Description

A directory traversal and information disclosure (local file inclusion) flaws
were found in the cssgen contrib module (application to generate custom CSS
files) of GeSHi, a generic syntax highlighter, performed sanitization of
'geshi-path' and 'geshi-lang-path' HTTP GET / POST variables. A remote
attacker could provide a specially-crafted URL that, when visited could lead
to local file system traversal or, potentially, ability to read content of
any local file, accessible with the privileges of the user running the
webserver (CVE-2012-3251).

A cross-site scripting (XSS) flaw was found in the way 'langwiz' example
script of GeSHi, a generic syntax highlighter, performed sanitization of
certain HTTP GET / POST request variables (prior dumping their content). A
remote attacker could provide a specially-crafted URL that, when visited
would lead to arbitrary HTML or web script execution (CVE-2012-3522).
                

References

• http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105247.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3251
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3522

SRPMS

2/core

• php-geshi-1.0.8.11-1.mga2