Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5687

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-5687
Last Modified 28 Dec 2010 12:00:00
Published 19 Dec 2008 12:30:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5687

Summary

MediaWiki 1.11, and other versions before 1.13.3, does not properly protect against the download of backups of deleted images, which might allow remote attackers to obtain sensitive information via requests for files in images/deleted/.

Vulnerable Systems

Application

  • Mediawiki 1.11

  • Mediawiki 1.11.1

  • Mediawiki 1.11.2

  • Mediawiki 1.12.0

  • Mediawiki 1.12.1

  • Mediawiki 1.12.2

  • Mediawiki 1.12.3

  • Mediawiki 1.13.0

  • Mediawiki 1.13.1

  • Mediawiki 1.13.2


References

FEDORA - FEDORA-2008-11802

FEDORA - FEDORA-2008-11688

XF - mediawiki-images-info-disclosure(47678)

SECUNIA - 33349

MLIST - [mediawiki-announce] 20081215 MediaWiki 1.13.3, 1.12.2, 1.6.11 security update


Last Updated: 27 May 2016 10:48:53