Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1498

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-1498
Last Modified 07 Mar 2011 09:33:12
Published 29 Mar 2006 07:06:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-1498

Summary

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.5.8 and 1.4.15 allows remote attackers to inject arbitrary web script or HTML via crafted encoded links.

Vulnerable Systems

Application

  • Mediawiki 1.4.1

  • Mediawiki 1.4.10

  • Mediawiki 1.4.11

  • Mediawiki 1.4.12

  • Mediawiki 1.4.13

  • Mediawiki 1.4.14

  • Mediawiki 1.4.2

  • Mediawiki 1.4.3

  • Mediawiki 1.4.4

  • Mediawiki 1.4.5

  • Mediawiki 1.4.6

  • Mediawiki 1.4.7

  • Mediawiki 1.4.8

  • Mediawiki 1.4.9

  • Mediawiki 1.5 Alpha1

  • Mediawiki 1.5 Alpha2

  • Mediawiki 1.5 Beta1

  • Mediawiki 1.5 Beta2

  • Mediawiki 1.5 Beta3

  • Mediawiki 1.5 Beta4

  • Mediawiki 1.5 Rc2

  • Mediawiki 1.5 Rc3

  • Mediawiki 1.5 Rc4

  • Mediawiki 1.5.0

  • Mediawiki 1.5.1

  • Mediawiki 1.5.2

  • Mediawiki 1.5.3

  • Mediawiki 1.5.4

  • Mediawiki 1.5.5

  • Mediawiki 1.5.6

  • Mediawiki 1.5.7


References

BID - 17269

MLIST - [MediaWiki-announce] 20060327 MediaWiki 1.5.8, 1.4.15 released [SECURITY]

VUPEN - ADV-2006-1194

CONFIRM - http://www.mediawiki.org/wiki/MediaWiki

XF - mediawiki-unspecified-xss(25588)

SUSE - SUSE-SR:2006:007

GENTOO - GLSA-200604-01

SECUNIA - 19517

SECUNIA - 19508

SECUNIA - 19504


Last Updated: 27 May 2016 10:42:06