Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4885

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-4885
Last Modified 10 Sep 2012 02:27:56
Published 09 Sep 2012 05:55:07
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-4885

Summary

The wikitext parser in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allows remote attackers to cause a denial of service (infinite loop) via certain input, as demonstrated by the padleft function.

Vulnerable Systems

Application

  • Mediawiki 1.17

  • Mediawiki 1.17.0

  • Mediawiki 1.17.1

  • Mediawiki 1.17.2

  • Mediawiki 1.18

  • Mediawiki 1.18.0

  • Mediawiki 1.18.1


References

CONFIRM - https://bugzilla.wikimedia.org/show_bug.cgi?id=35315

CONFIRM - https://bugzilla.wikimedia.org/show_bug.cgi?id=22555

BID - 52689

MLIST - [oss-security] 20120323 CVEs for MediaWiki security and maintenance release 1.18.2

MLIST - [oss-security] 20120322 MediaWiki security and maintenance release 1.18.2

SECUNIA - 48504

MLIST - [MediaWiki-announce] 20120322 MediaWiki security and maintenance release 1.18.2

MLIST - [MediaWiki-announce] 20120322 MediaWiki security and maintenance release 1.17.3


Last Updated: 27 May 2016 11:00:32