6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
Fernando MuĂąoz discovered a security issue on the HTML syntax checker and
reformatter tidy. Tidy did not properly process specific character sequences,
and a remote attacker could exploit this flaw to cause a DoS, or probably,
execute arbitrary code. Two different CVEs were assigned to this issue.
For the Squeeze distribution, this issue has been fixed in the
20091223cvs-1+deb6u1 version of tidy.
We recommend that you upgrade your tidy packages.
CPE | Name | Operator | Version |
---|---|---|---|
tidy | eq | 20091223cvs-1 |