DSA-1836-1 fckeditor -- missing input sanitisingID: oval:org.secpod.oval:def:600494 | Date: (C)2011-05-13 (M)2022-10-10 |
Class: PATCH | Family: unix |
Vinny Guido discovered that multiple input sanitising vulnerabilities in Fckeditor, a rich text web editor component, may lead to the execution of arbitrary code. The old stable distribution doesn"t contain fckeditor. For the stable distribution , this problem has been fixed in version 1:2.6.2-1lenny1. For the unstable distribution , this problem has been fixed in version 1:2.6.4.1-1. We recommend that you upgrade your fckeditor package.