[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FD] Feed2JS/MagpieRSS 0day vulnerability (not really, it is actually CVE-2005-3330 / CVE-2008-4796)

To: fulldisclosure@xxxxxxxxxxxx
Subject: Re: [FD] Feed2JS/MagpieRSS 0day vulnerability (not really, it is actually CVE-2005-3330 / CVE-2008-4796)
From: Cody Tarrant <cody@xxxxxxxxxx>
Date: Mon, 07 Jul 2014 02:11:27 -0700

Did you find the vuln first and then see the older CVEs or the other way
around, bringing the CVEs back to life?

On Thu, Jul 3, 2014, at 03:49 AM, Michail Strokin wrote:
> Feed2JS is a tool for user-friendly(developer-wise) embedding the RSS
> feeds on the pages without messing with XML.
> 
> P.P.S should I request a CVE?

Why not? Could be interesting to see whether it's granted given the
older ones.

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

References:
- [FD] Feed2JS/MagpieRSS 0day vulnerability (not really, it is actually CVE-2005-3330 / CVE-2008-4796)
  - From: Michail Strokin

Prev by Date: Re: [FD] new pen-test tool!
Next by Date: [FD] iTunes 11.2.2 for Windows: completely outdated and vulnerable 3rd party libraries
Previous by thread: [FD] Feed2JS/MagpieRSS 0day vulnerability (not really, it is actually CVE-2005-3330 / CVE-2008-4796)
Next by thread: [FD] Finding page including parameters with google dorks
Index(es):
- Date
- Thread