FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

openfire -- multiple vulnerabilities

Affected packages
		openfire	<	3.6.3

Details

VuXML ID	c3aba586-ea77-11dd-9d1e-000bcdc1757a
Discovery	2009-01-08
Entry	2009-01-25
Modified	2010-05-02

Core Security Technologies reports:

Multiple cross-site scripting vulnerabilities have been found which may lead to arbitrary remote code execution on the server running the application due to unauthorized upload of Java plugin code.

[source]

References

Bugtraq ID	32935
Bugtraq ID	32937
Bugtraq ID	32938
Bugtraq ID	32939
Bugtraq ID	32940
Bugtraq ID	32943
Bugtraq ID	32944
Bugtraq ID	32945
CVE Name	CVE-2009-0496
CVE Name	CVE-2009-0497
URL	http://www.coresecurity.com/content/openfire-multiple-vulnerabilities