Date: Thu, 19 Apr 2012 10:43:23 +0300 From: Henri Salo <henri@...v.fi> To: oss-security@...ts.openwall.com Cc: Kurt Seifried <kseifried@...hat.com>, Hanno Böck <hanno@...eck.de>, Yves-Alexis Perez <corsac@...ian.org> Subject: Re: CVE-request: WordPress 3.1.1 On Tue, Apr 17, 2012 at 11:10:27PM -0600, Kurt Seifried wrote: > Can you make a clean list of security issues and the versions > affected? Thanks. Two issues in 3.1.1 are without 2011 CVE-identifiers, which are announced in here: http://wordpress.org/news/2011/04/wordpress-3-1-1/ (April 5, 2011). Issue #1: http://osvdb.org/show/osvdb/72141 http://secunia.com/advisories/44038/ "Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site." Issue #2: http://osvdb.org/show/osvdb/72142 http://secunia.com/advisories/44038/ "The "make_clickable()" function in wp-includes/formatting.php does not properly check the URL length in comments before passing it to the PCRE library, which can be exploited to cause a crash." Both vulnerabilities are reported in versions prior to 3.1.1. - Henri Salo
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ