oss-sec mailing list archives
Re: CVE-request: WordPress 3.1.1
From: Kurt Seifried <kseifried () redhat com>
Date: Thu, 19 Apr 2012 09:56:52 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 04/19/2012 01:43 AM, Henri Salo wrote:
On Tue, Apr 17, 2012 at 11:10:27PM -0600, Kurt Seifried wrote:Can you make a clean list of security issues and the versions affected? Thanks.Two issues in 3.1.1 are without 2011 CVE-identifiers, which are announced in here: http://wordpress.org/news/2011/04/wordpress-3-1-1/ (April 5, 2011). Issue #1: http://osvdb.org/show/osvdb/72141 http://secunia.com/advisories/44038/ "Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site."
Please use CVE-2011-4956 for this issue.
Issue #2: http://osvdb.org/show/osvdb/72142 http://secunia.com/advisories/44038/ "The "make_clickable()" function in wp-includes/formatting.php does not properly check the URL length in comments before passing it to the PCRE library, which can be exploited to cause a crash."
Please use CVE-2011-4957 for this issue.
Both vulnerabilities are reported in versions prior to 3.1.1. - Henri Salo
- -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJPkDXDAAoJEBYNRVNeJnmTEkUP/2JcZah+MvvsfkT04zWOGpwO 72szSSSvrLzEyIyJatAVvEjIEI4/q1voaYxBJXWkDAqx2r3v3Ni3Ns2Rd8SLK5Uk QG7XfUs/aVrW9eQSJ/keD5XSTdmFbA0EwVuEA7/x/N9ODFG8YHW5O8k7sazDlRzp N7VipPKEa8OqYg/9t6EAFvfIZdkvZ7lS4Nrzgd7j3eT/VnmshU5JLMosdYxbbWol 5VnkEQ8FvhqpCdlRDSGS2kJxrwbhos50ad9aFwQXfMcXNQlENUEogLF1uCVRt5UW wm7xNeboi+zbiCBfo7BkwiDmsuZhCTHwt5EV4jJ60GDIfY91ode1N3tXt785/li2 EHtwbkO2C2k2vPqNh8pKKHOV9xqAwLhYIN6JqGN1Eywz4xQrVgqzPT6meai5Y8f3 pEeX0hKPT0P/Zq6zK0vpVUN2bHYmSbIRJqOaAWEPFiQ/HnngDflQR8KcnQ7Edbk/ 9wWsjZ0raHMuYg3TgI/idLpimj6jNBUDUPzdrfufU4AuihQ79wIhwmpRcKh6sNHu bgGSxFl/TbSKFknECbgkNDmoxq+RrH7MW3eEsBTeQyRDBW62ZiJikfokYid/kMRn XxMhQBx7zYfOsOzvh9a+FC2+5scn6uZUDgNUx5Jy/8GeqCLuq2/PqHpSukpZcftF l1zzfWJ5VEmNwkAp2Hz/ =hp+u -----END PGP SIGNATURE-----
Current thread:
- Re: CVE-request: WordPress 3.1.1 Henri Salo (Apr 17)
- Re: CVE-request: WordPress 3.1.1 Kurt Seifried (Apr 17)
- Re: CVE-request: WordPress 3.1.1 Henri Salo (Apr 19)
- Re: CVE-request: WordPress 3.1.1 Kurt Seifried (Apr 19)
- Re: CVE-request: WordPress 3.1.1 Henri Salo (Apr 19)
- <Possible follow-ups>
- Re: CVE-request: WordPress 3.1.1 Henri Salo (Apr 17)
- Re: CVE-request: WordPress 3.1.1 Kurt Seifried (Apr 17)