Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5688

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-5688
Last Modified 18 Feb 2009 12:00:00
Published 19 Dec 2008 12:30:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5688

Summary

MediaWiki 1.8.1, and other versions before 1.13.3, when the wgShowExceptionDetails variable is enabled, sometimes provides the full installation path in a debugging message, which might allow remote attackers to obtain sensitive information via unspecified requests that trigger an uncaught exception.

Vulnerable Systems

Application

  • Mediawiki 1.10.0

  • Mediawiki 1.10.1

  • Mediawiki 1.10.2

  • Mediawiki 1.10.3

  • Mediawiki 1.10.4

  • Mediawiki 1.11

  • Mediawiki 1.11.1

  • Mediawiki 1.11.2

  • Mediawiki 1.12.0

  • Mediawiki 1.12.1

  • Mediawiki 1.12.2

  • Mediawiki 1.12.3

  • Mediawiki 1.13.0

  • Mediawiki 1.13.1

  • Mediawiki 1.13.2

  • Mediawiki 1.8.1

  • Mediawiki 1.8.2

  • Mediawiki 1.8.3

  • Mediawiki 1.8.4

  • Mediawiki 1.8.5

  • Mediawiki 1.9.0

  • Mediawiki 1.9.1

  • Mediawiki 1.9.2

  • Mediawiki 1.9.3

  • Mediawiki 1.9.4

  • Mediawiki 1.9.5

  • Mediawiki 1.9.6


References

FEDORA - FEDORA-2008-11802

FEDORA - FEDORA-2008-11688

MISC - http://www.mediawiki.org/wiki/Manual:$wgShowExceptionDetails

SECUNIA - 33349

MLIST - [mediawiki-announce] 20081215 MediaWiki 1.13.3, 1.12.2, 1.6.11 security update


Last Updated: 27 May 2016 10:48:53