[VIM] TinyMCE advisory question (fwd)
mattmurphy at kc.rr.com
Fri Dec 30 18:52:31 EST 2005
-----BEGIN PGP SIGNED MESSAGE-----
TinyMCE isn't what he's referring to. It seems the compressor is an
optional seperate package? The advisory specifically names Compressor
as being vulnerable. Indeed, on the front page of the vendor's site
(tinymce.moxiecode.com) is the following:
"Critical update of TinyMCE Compressor (PHP)
A possible security issue has been found with the TinyMCE Compressor
(PHP), we urge you to upgrade to 1.05 version as soon as possible!
Thanks to Stefan Esser (http://www.hardened-php.net) for reporting this
The compressor appears to be a simple add-on component (it has two
versions, one in PHP, one in ASP.NET).
"Social Darwinism: Try to make something idiot-proof,
nature will provide you with a better idiot."
-- Michael Holstein
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3436 bytes
Desc: S/MIME Cryptographic Signature
Url : http://www.attrition.org/pipermail/vim/attachments/20051230/6a899d71/attachment-0001.bin
More information about the VIM