[Secure-testing-team] [Secure-testing-commits] r12595 - in data: CVE DSA
Michael S Gilbert
michael.s.gilbert at gmail.com
Fri Aug 14 21:35:27 UTC 2009
On Fri, Aug 14, 2009 at 5:29 PM, Giuseppe Iuculano<giuseppe at iuculano.it> wrote:
> Yes, I checked against the PoC, but also upstream confirmed[1] that
>
> [1]http://wordpress.org/development/2007/04/wordpress-213-and-2010/
i still don't see CVE-2007-4483 claimed fixed there. so the
difference bettween 1622 and 4483 is the affected file:
wp-includes/vars.php vs. wp-content/themes/classic/index.php.
hence, 4483 is specific to the classic theme, so you will need to test
the proof-of-concept when using that theme.
mike
More information about the Secure-testing-team
mailing list