Re: Several flaws in e-business designer (eBD)

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Several flaws in e-business designer (eBD)
From: ebd.soporte@xxxxxxxxxxxxx
Date: 16 Jun 2006 08:32:07 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

A Bug in the eBD HTML editor has been discovered. It will allow an user to 
modify the images of the /imgfiles folder (the files raised in the option 
resources > images).

 
Oasyssoft, the producer, has installed the patch in all our servers, so all 
MyeBD users are updated since the end of may.
 
Anyway, you will find here the emergency Patch instalation 
http://lists.oasyssoft.com/ebd-devel/200605/binNr7awTFdvt.bin  for being 
installed at your servers. Althought this patch is for version 3.1.4, it is 
also available in all eBD versions.

The other mentioned vulnerabilities have no relation to eBD. System Managers 
are in charge of configuring their servers in a secure way, whether or not they 
are executing eBD .

If you require further information, please contact us at 
ebd.soporte@xxxxxxxxxxxxxx

Prev by Date: Indexu v 5.0.01 Multiple Remote File Include Vulnerabilities
Next by Date: [security bulletin] HPSBUX02115 SSRT061077 rev.1 - HP-UX running Support Tools Manager (xstm, cstm, stm) Local Denial of Service (DoS)
Previous by thread: Several flaws in e-business designer (eBD)
Next by thread: PHP Live Helper ASP(chat.php) XSS
Index(es):
- Date
- Thread