Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-2399HistoryApr 21, 2012 - 11:55 p.m.
CVE-2012-2399
2012-04-2123:55:00
Debian Security Bug Tracker
security-tracker.debian.org
19
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.015 Low
EPSS
Percentile
86.5%
Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFupload 2.2.0.1 and earlier, as used in WordPress before 3.5.2, TinyMCE Image Manager 1.1 and earlier, and other products allows remote attackers to inject arbitrary web script or HTML via the buttonText parameter, a different vulnerability than CVE-2012-3414.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | wordpress | < 3.3.2+dfsg-1 | wordpress_3.3.2+dfsg-1_all.deb |
| Debian | 11 | all | wordpress | < 3.3.2+dfsg-1 | wordpress_3.3.2+dfsg-1_all.deb |
| Debian | 10 | all | wordpress | < 3.3.2+dfsg-1 | wordpress_3.3.2+dfsg-1_all.deb |
| Debian | 999 | all | wordpress | < 3.3.2+dfsg-1 | wordpress_3.3.2+dfsg-1_all.deb |
| Debian | 13 | all | wordpress | < 3.3.2+dfsg-1 | wordpress_3.3.2+dfsg-1_all.deb |
Related
cve
cve
prion
prion
Cross site scripting
2012-04-21 23:55:00
Cross site scripting
2013-07-19 14:36:00
Design/Logic Flaw
2022-06-30 13:15:00
packetstorm
packetstorm
WordPress E-Commerce 3.8.9.5 File Upload / XSS / CSRF / Code Execution
2014-01-24 00:00:00
WordPress 3.3.1 swfupload.swf Cross Site Scripting
2012-11-09 00:00:00
SWF Upload Cross Site Scripting
2012-11-13 00:00:00
zdt
zdt
Wordpress Plugin (wp-e-commerce v3.8.9.5) Multiple Vulnerabilities
2014-01-23 00:00:00
Dotclear XSS Vulnerabilities
2013-04-14 00:00:00
ubuntucve
ubuntucve
CVE-2012-2399
2012-04-21 00:00:00
CVE-2012-3414
2013-07-19 00:00:00
jvn
jvn
JVN#25280162: WordPress vulnerable to cross-site scripting
2013-07-26 00:00:00
securityvulns
securityvulns
CS and XSS vulnerabilities in SWFUpload
2013-03-11 00:00:00
XSS vulnerability in swfupload in WordPress
2012-11-18 00:00:00
XSS and CS vulnerabilities in Dotclear
2013-05-06 00:00:00
threatpost
threatpost
Issue with SWFUploader Could Lead to XSS Vulnerabilities, Content Spoofing
2013-03-12 19:10:36
Yahoo Mail Breach Linked to Old WordPress Vulnerability
2013-02-01 03:42:54
openvas
openvas
FreeBSD Ports: typo3
2012-08-10 00:00:00
TYPO3 SWFUpload movieName Cross Site Scripting Vulnerability
2014-01-02 00:00:00
FreeBSD Ports: wordpress
2012-04-30 00:00:00
seebug
seebug
Turbomail邮件系统XSS-1
2014-12-24 00:00:00
typo3
typo3
Cross-Site Scripting Vulnerability in TYPO3 Core
2012-07-04 00:00:00
patchstack
patchstack
WordPress SWFUpload Plugin <= 2.2.0.1 - XSS #1
2012-06-14 00:00:00
WordPress SWFUpload Plugin <= 2.2.0.1 - XSS #2
2012-04-21 00:00:00
debiancve
debiancve
CVE-2012-3414
2013-07-19 14:36:00
nessus
nessus
WordPress < 3.3.2 Multiple Vulnerabilities
2012-05-09 00:00:00
Fedora 16 : wordpress-3.3.2-2.fc16 (2012-6542)
2012-05-14 00:00:00
freebsd
freebsd
wordpress -- multiple vulnerabilities
2012-04-20 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: wordpress-3.3.2-2.fc16
2012-05-11 10:27:22
[SECURITY] Fedora 15 Update: wordpress-3.3.2-2.fc15
2012-05-11 10:30:10
[SECURITY] Fedora 17 Update: wordpress-3.3.2-2.fc17
2012-05-26 08:10:24
osv
osv
wordpress - several
2012-05-11 00:00:00
debian
debian
[SECURITY] [DSA 2670-1] wordpress security update
2012-05-11 20:41:14
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.015 Low
EPSS
Percentile
86.5%
Related for DEBIANCVE:CVE-2012-2399