Bug#497640: zoneminder: Several security issues (XSS, SQL injection, Command injection)

On Wed, 2008-09-03 at 19:54 +1000, Steffen Joeris wrote: > Package: zoneminder > Severity: grave > Tags: security > Justification: user security hole > > Hi, > the following CVE (Common Vulnerabilities & Exposures) ids were > published for zoneminder. > These are currently being fixed in the nex

Bug#497640: zoneminder: Several security issues (XSS, SQL injection, Command injection)

Package: zoneminder Severity: grave Tags: security Justification: user security hole Hi, the following CVE (Common Vulnerabilities & Exposures) ids were published for zoneminder. CVE-2008-3882[0]: | ZoneMinder 1.23.3 and earlier allows remote attackers to execute | arbitrary commands (aka "Comman