202750 CVE-2007-6156 2007-12-19 04:43 0000 net-analyzer/base < 1.3.9 base_qry_main.php XSS (CVE-2007-6156) 2008-07-06 22:09:56 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED http://sourceforge.net/tracker/index.php?func=detail&aid=1801192&group_id=103348&atid=635582 ~4 [noglsa] P2 trivial --- 1 rbu@gentoo.org security@gentoo.org jackdachef@gmail.com netmon@gentoo.org rbu@gentoo.org 2007-12-19 04:43:53 0000 CVE-2007-6156 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6156): Multiple cross-site scripting (XSS) vulnerabilities in base_qry_main.php in Base Analysis and Security Engine (BASE) before 1.3.9 allow remote attackers to inject arbitrary web script or HTML via the (1) sig[0] and (2) sig[1] parameters. rbu@gentoo.org 2007-12-19 04:48:39 0000 Netmon, please bump. rbu@gentoo.org 2008-01-08 02:46:11 0000 netmon, ping. jaervosz@gentoo.org 2008-02-26 20:57:22 0000 netmon please advise. py@gentoo.org 2008-05-11 14:41:03 0000 rbu (or someone else with commit access), please bump so we can close this one... py@gentoo.org 2008-07-06 21:06:56 0000 (In reply to comment #4) > rbu (or someone else with commit access), please bump so we can close this > one... > *ping*, it's been half a year now... rbu@gentoo.org 2008-07-06 21:40:48 0000 *** Bug 229965 has been marked as a duplicate of this bug. *** rbu@gentoo.org 2008-07-06 22:09:56 0000 + 06 Jul 2008; Robert Buchholz <rbu@gentoo.org> -base-1.3.6.ebuild, + -base-1.3.8.ebuild, +base-1.4.0.ebuild: + Version bump, Fixes: XSS Security bug #202750 and undefined function + base_header() #201643