3 matches found
CVE-2014-5138
CVE-2014-5138 concerns the Sierra Library Services Platform (1.2_3) where the application mishandles multiple instances of the same query parameter, enabling an attacker to bypass parameter validation via crafted requests. The issue is tied to the Webpac Pro submodule in some configurations. Publ...
Sierra Library Services Platform Multiple Vulnerability Disclosure
Product: Sierra Library Services Platform Vendor: Innovative Interfaces Inc Vulnerable Version: 1.23 Tested Version: 1.23 Vendor Notification: June 19, 2014 Public Disclosure: August 26, 2014 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference: CVE-2014-5136 Risk Level: Medium CVSSv2 Ba...
gnutls security update
1.4.1-14 - Renamed gnutls-1.4.1-cve-2014-0092-1.patch to cve-2014-5138.patch - Renamed gnutls-1.4.1-cve-2014-0092-2.patch to cve-2014-0092.patch 1.4.1-13 - fix issues of CVE-2014-0092 1069888 1.4.1-12 - fix CVE-2013-2116 - fix DoS regression in CVE-2013-1619 upstream patch 966754 1.4.1-11 - fix...