Lucene search
HistoryJun 27, 2012 - 9:55 p.m.
CVE-2011-4957
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.3 Medium
AI Score
Confidence
High
0.012 Low
EPSS
Percentile
85.1%
The make_clickable function in wp-includes/formatting.php in WordPress before 3.1.1 does not properly check URLs before passing them to the PCRE library, which allows remote attackers to cause a denial of service (crash) via a comment with a crafted URL that triggers many recursive calls.
Affected configurations
Node
wordpresswordpressRange≤3.1
ORwordpresswordpressMatch0.71
ORwordpresswordpressMatch1.0
ORwordpresswordpressMatch1.0.1
ORwordpresswordpressMatch1.0.2
ORwordpresswordpressMatch1.1.1
ORwordpresswordpressMatch1.2
ORwordpresswordpressMatch1.2.1
ORwordpresswordpressMatch1.2.2
ORwordpresswordpressMatch1.2.3
ORwordpresswordpressMatch1.2.4
ORwordpresswordpressMatch1.2.5
ORwordpresswordpressMatch1.2.5a
ORwordpresswordpressMatch1.3
ORwordpresswordpressMatch1.3.2
ORwordpresswordpressMatch1.3.3
ORwordpresswordpressMatch1.5
ORwordpresswordpressMatch1.5.1
ORwordpresswordpressMatch1.5.1.1
ORwordpresswordpressMatch1.5.1.2
ORwordpresswordpressMatch1.5.1.3
ORwordpresswordpressMatch1.5.2
ORwordpresswordpressMatch2.0
ORwordpresswordpressMatch2.0.1
ORwordpresswordpressMatch2.0.2
ORwordpresswordpressMatch2.0.4
ORwordpresswordpressMatch2.0.5
ORwordpresswordpressMatch2.0.6
ORwordpresswordpressMatch2.0.7
ORwordpresswordpressMatch2.0.8
ORwordpresswordpressMatch2.0.9
ORwordpresswordpressMatch2.0.10
ORwordpresswordpressMatch2.0.11
ORwordpresswordpressMatch2.1
ORwordpresswordpressMatch2.1.1
ORwordpresswordpressMatch2.1.2
ORwordpresswordpressMatch2.1.3
ORwordpresswordpressMatch2.2
ORwordpresswordpressMatch2.2.1
ORwordpresswordpressMatch2.2.2
ORwordpresswordpressMatch2.2.3
ORwordpresswordpressMatch2.3
ORwordpresswordpressMatch2.3.1
ORwordpresswordpressMatch2.3.2
ORwordpresswordpressMatch2.3.3
ORwordpresswordpressMatch2.5
ORwordpresswordpressMatch2.5.1
ORwordpresswordpressMatch2.6
ORwordpresswordpressMatch2.6.1
ORwordpresswordpressMatch2.6.2
ORwordpresswordpressMatch2.6.3
ORwordpresswordpressMatch2.6.5
ORwordpresswordpressMatch2.7
ORwordpresswordpressMatch2.7.1
ORwordpresswordpressMatch2.8
ORwordpresswordpressMatch2.8.1
ORwordpresswordpressMatch2.8.2
ORwordpresswordpressMatch2.8.3
ORwordpresswordpressMatch2.8.4
ORwordpresswordpressMatch2.8.4a
ORwordpresswordpressMatch2.8.5
ORwordpresswordpressMatch2.8.5.1
ORwordpresswordpressMatch2.8.5.2
ORwordpresswordpressMatch2.8.6
ORwordpresswordpressMatch2.9
ORwordpresswordpressMatch2.9.1
ORwordpresswordpressMatch2.9.1.1
ORwordpresswordpressMatch2.9.2
ORwordpresswordpressMatch3.0
ORwordpresswordpressMatch3.0.1
ORwordpresswordpressMatch3.0.2
ORwordpresswordpressMatch3.0.3
ORwordpresswordpressMatch3.0.4
ORwordpresswordpressMatch3.0.5
ORwordpresswordpressMatch3.0.6
Related
prion
prion
Code injection
2012-06-27 21:55:00
cve
cve
CVE-2011-4957
2022-10-03 16:15:13
cvelist
cvelist
CVE-2011-4957
2022-10-03 16:15:13
wpvulndb
wpvulndb
WordPress 3.1 - PCRE Library Remote DoS
2014-08-01 00:00:00
debiancve
debiancve
CVE-2011-4957
2022-10-03 16:15:13
patchstack
patchstack
WordPress <= 3.1.0 - Multiple Vulnerabilities
2011-12-23 00:00:00
ubuntucve
ubuntucve
CVE-2011-4957
2012-06-27 00:00:00
nessus
nessus
WordPress < 3.1.1 Multiple Vulnerabilities
2018-01-24 00:00:00
WordPress < 3.1.1 Multiple Vulnerabilities
2016-02-26 00:00:00
Debian DSA-2470-1 : wordpress - several vulnerabilities
2012-05-15 00:00:00
openvas
openvas
Debian Security Advisory DSA 2670-1 (wordpress)
2012-05-31 00:00:00
Debian Security Advisory DSA 2670-1 (wordpress)
2012-05-31 00:00:00
Debian: Security Advisory (DSA-2470-1)
2023-03-08 00:00:00
osv
osv
wordpress - several
2012-05-11 00:00:00
debian
debian
[SECURITY] [DSA 2670-1] wordpress security update
2012-05-11 20:41:14
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.3 Medium
AI Score
Confidence
High
0.012 Low
EPSS
Percentile
85.1%
Related for NVD:CVE-2011-4957