| VID |
21752 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The MediaWiki sofware, according to its version number, has multiple vulnerabilities. MediaWiki is a freely available editing program for Wikipedia, Wiktionary, and other software written in PHP. MediaWiki versions prior to 1.3.17, 1.4.11 and 1.5.0 are vulnerable to multiple vulnerabilities, which can be exploited by a remote attacker to conduct cross-site scripting and database corruption attacks:
1) MediaWiki History Database Corruption Vulnerability: A bug in MediaWiki Wiki edit submission handling routine could cause corruption of the previous revision in the database if an abnormal URL was used, such as those used by some spam bots.
2) A Cross-Site Scripting Vulnerability: User-input for HTML inline style attributes isn't properly sanitized before being used. This can be exploited to inject arbitrary script code, which will be executed in a user's browser session in context of an affected site when the malicious user data is viewed.
* Note: This check solely relied on the version number of MediaWiki on the remote Web server to assess this vulnerability, so this might be a false positive.
* References:
http://sourceforge.net/project/shownotes.php?release_id=342530
http://sourceforge.net/forum/forum.php?forum_id=501174
http://secunia.com/advisories/17074/
* Platforms Affected:
The Wikimedia Foundation, Inc., MediaWiki prior to 1.3.17
The Wikimedia Foundation, Inc., MediaWiki prior to 1.4.11
The Wikimedia Foundation, Inc., MediaWiki prior to 1.5.0
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of MediaWiki (1.3.17 or 1.4.11 or 1.5.0 or later), available from the MediaWiki Web page at http://www.mediawiki.org/wiki/Download#Stable |
| Related URL |
CVE-2005-3167 (CVE) |
| Related URL |
15024,15041 (SecurityFocus) |
| Related URL |
22533 (ISS) |
|
