FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mumble -- multiple vulnerabilities

Affected packages
1.2.0 <= mumble < 1.2.6

Details

VuXML ID 77e2e631-e742-11e3-9a25-5404a6a6412c
Discovery 2014-04-16
Entry 2014-05-29

Mumble reports:

SVG images with local file references could trigger client DoS

The Mumble client did not properly HTML-escape some external strings before using them in a rich-text (HTML) context.

References

URL http://mumble.info/security/Mumble-SA-2014-005.txt
URL http://mumble.info/security/Mumble-SA-2014-006.txt