Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-3414HistoryJul 19, 2013 - 2:36 p.m.
CVE-2012-3414
2013-07-1914:36:00
Debian Security Bug Tracker
security-tracker.debian.org
17
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.034 Low
EPSS
Percentile
91.4%
Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the โExternalInterface.callโ function.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | wordpress | <ย 3.5.1+dfsg-1 | wordpress_3.5.1+dfsg-1_all.deb |
| Debian | 11 | all | wordpress | <ย 3.5.1+dfsg-1 | wordpress_3.5.1+dfsg-1_all.deb |
| Debian | 10 | all | wordpress | <ย 3.5.1+dfsg-1 | wordpress_3.5.1+dfsg-1_all.deb |
| Debian | 999 | all | wordpress | <ย 3.5.1+dfsg-1 | wordpress_3.5.1+dfsg-1_all.deb |
| Debian | 13 | all | wordpress | <ย 3.5.1+dfsg-1 | wordpress_3.5.1+dfsg-1_all.deb |
Related
securityvulns
securityvulns
CS and XSS vulnerabilities in SWFUpload
2013-03-11 00:00:00
XSS and CS vulnerabilities in Dotclear
2013-05-06 00:00:00
XSS vulnerability in swfupload in WordPress
2012-11-18 00:00:00
threatpost
threatpost
Issue with SWFUploader Could Lead to XSS Vulnerabilities, Content Spoofing
2013-03-12 19:10:36
Yahoo Mail Breach Linked to Old WordPress Vulnerability
2013-02-01 03:42:54
packetstorm
packetstorm
SWF Upload Cross Site Scripting
2012-11-13 00:00:00
WordPress 3.3.1 swfupload.swf Cross Site Scripting
2012-11-09 00:00:00
Dotclear 2.4.4 Cross Site Scripting / Content Spoofing
2013-04-13 00:00:00
openvas
openvas
FreeBSD Ports: typo3
2012-08-10 00:00:00
TYPO3 SWFUpload movieName Cross Site Scripting Vulnerability
2014-01-02 00:00:00
zdt
zdt
Dotclear XSS Vulnerabilities
2013-04-14 00:00:00
Wordpress Plugin (wp-e-commerce v3.8.9.5) Multiple Vulnerabilities
2014-01-23 00:00:00
seebug
seebug
Turbomail้ฎไปถ็ณป็ปXSS-1
2014-12-24 00:00:00
cve
cve
patchstack
patchstack
WordPress SWFUpload Plugin <= 2.2.0.1 - XSS #1
2012-06-14 00:00:00
prion
prion
Cross site scripting
2013-07-19 14:36:00
Cross site scripting
2012-04-21 23:55:00
Design/Logic Flaw
2022-06-30 13:15:00
typo3
typo3
Cross-Site Scripting Vulnerability in TYPO3 Core
2012-07-04 00:00:00
ubuntucve
ubuntucve
CVE-2012-3414
2013-07-19 00:00:00
CVE-2012-2399
2012-04-21 00:00:00
debiancve
debiancve
CVE-2012-2399
2012-04-21 23:55:00
nessus
nessus
WordPress < 3.3.2 Multiple Vulnerabilities
2012-05-09 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.034 Low
EPSS
Percentile
91.4%
Related for DEBIANCVE:CVE-2012-3414