CVE-2009-3584

Priority
Low
Description
SQL-Ledger 2.8.24 does not set the secure flag for the session cookie in an
https session, which makes it easier for remote attackers to capture this
cookie by intercepting its transmission within an http session.
References
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):needed
Ubuntu 14.04 LTS (Trusty Tahr):needed
Ubuntu 15.04 (Vivid Vervet):needed
Ubuntu 15.10 (Wily Werewolf):needed
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:14:45 UTC (commit 9756)