Date: Thu, 19 Apr 2012 10:43:23 +0300 From: Henri Salo <henri@...v.fi> To: oss-security@...ts.openwall.com Cc: Kurt Seifried <kseifried@...hat.com>, Hanno Böck <hanno@...eck.de>, Yves-Alexis Perez <corsac@...ian.org> Subject: Re: CVE-request: WordPress 3.1.1 On Tue, Apr 17, 2012 at 11:10:27PM -0600, Kurt Seifried wrote: > Can you make a clean list of security issues and the versions > affected? Thanks. Two issues in 3.1.1 are without 2011 CVE-identifiers, which are announced in here: http://wordpress.org/news/2011/04/wordpress-3-1-1/ (April 5, 2011). Issue #1: http://osvdb.org/show/osvdb/72141 http://secunia.com/advisories/44038/ "Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site." Issue #2: http://osvdb.org/show/osvdb/72142 http://secunia.com/advisories/44038/ "The "make_clickable()" function in wp-includes/formatting.php does not properly check the URL length in comments before passing it to the PCRE library, which can be exploited to cause a crash." Both vulnerabilities are reported in versions prior to 3.1.1. - Henri Salo
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.