Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-3747HistoryAug 27, 2008 - 3:21 p.m.
CVE-2008-3747
2008-08-2715:21:00
Debian Security Bug Tracker
security-tracker.debian.org
11
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.006
Percentile
77.8%
The (1) get_edit_post_link and (2) get_edit_comment_link functions in wp-includes/link-template.php in WordPress before 2.6.1 do not force SSL communication in the intended situations, which might allow remote attackers to gain administrative access by sniffing the network for a cookie.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | wordpress | < 2.5.1-6 | wordpress_2.5.1-6_all.deb |
| Debian | 11 | all | wordpress | < 2.5.1-6 | wordpress_2.5.1-6_all.deb |
| Debian | 999 | all | wordpress | < 2.5.1-6 | wordpress_2.5.1-6_all.deb |
| Debian | 13 | all | wordpress | < 2.5.1-6 | wordpress_2.5.1-6_all.deb |
Related
fedora
fedora
[SECURITY] Fedora 8 Update: wordpress-2.6.1-1.fc8
2008-09-10 07:24:48
[SECURITY] Fedora 9 Update: wordpress-2.6.1-1.fc9
2008-09-05 12:22:05
[SECURITY] Fedora 9 Update: wordpress-2.6.1-1.fc9
2008-09-10 06:56:05
openvas
openvas
WordPress <= 2.6.1 Multiple Vulnerabilities
2008-09-25 00:00:00
Fedora Update for wordpress FEDORA-2008-7279
2009-02-17 00:00:00
Fedora Update for wordpress FEDORA-2008-7279
2009-02-17 00:00:00
cve
cve
CVE-2008-3747
2008-08-27 15:21:00
nessus
nessus
Fedora 8 : wordpress-2.6.1-1.fc8 (2008-7463)
2008-09-10 00:00:00
Fedora 9 : wordpress-2.6.1-1.fc9 (2008-7279)
2008-09-08 00:00:00
patchstack
patchstack
WordPress <= 2.6.0 - Multiple vulnerabilities
2008-08-20 00:00:00
cvelist
cvelist
CVE-2008-3747
2008-08-27 15:00:00
prion
prion
Code injection
2008-08-27 15:21:00
redhatcve
redhatcve
CVE-2008-3747
2019-10-04 20:25:44
ubuntucve
ubuntucve
CVE-2008-3747
2008-08-27 00:00:00
nvd
nvd
CVE-2008-3747
2008-08-27 15:21:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.006
Percentile
77.8%
Related for DEBIANCVE:CVE-2008-3747