Lucene search
PRIOn knowledge basePRION:CVE-2012-1578HistorySep 09, 2012 - 9:55 p.m.
Cross site request forgery (csrf)
2012-09-0921:55:00
PRIOn knowledge base
www.prio-n.com
5
Multiple cross-site request forgery (CSRF) vulnerabilities in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allow remote attackers to hijack the authentication of users with the block permission for requests that (1) block a user via a request to the Block module or (2) unblock a user via a request to the Unblock module.
| CPE | Name | Operator | Version |
|---|---|---|---|
| mediawiki | eq | 1.17.1 | |
| mediawiki | eq | 1.17 | |
| mediawiki | eq | 1.17 beta-1 | |
| mediawiki | eq | 1.17.2 | |
| mediawiki | eq | 1.17.0 | |
| mediawiki | eq | 1.17.0 rc1 | |
| mediawiki | eq | 1.18 beta-1 | |
| mediawiki | eq | 1.18 | |
| mediawiki | eq | 1.18.0 rc1 | |
| mediawiki | eq | 1.18.1 |
References
osvdb.org/80361
secunia.com/advisories/48504
www.openwall.com/lists/oss-security/2012/03/22/9
www.openwall.com/lists/oss-security/2012/03/24/1
www.securityfocus.com/bid/52689
bugzilla.wikimedia.org/show_bug.cgi?id=34212
exchange.xforce.ibmcloud.com/vulnerabilities/78911
lists.wikimedia.org/pipermail/mediawiki-announce/2012-March/000109.html
lists.wikimedia.org/pipermail/mediawiki-announce/2012-March/000110.html
Related
cve
cve
CVE-2012-1578
2012-09-09 21:55:05
cvelist
cvelist
CVE-2012-1578
2012-09-09 21:00:00
ubuntucve
ubuntucve
CVE-2012-1578
2012-09-09 00:00:00
nvd
nvd
CVE-2012-1578
2012-09-09 21:55:05
debiancve
debiancve
CVE-2012-1578
2012-09-09 21:55:05
nessus
nessus
MediaWiki < 1.17.3 / 1.18.2 Multiple Vulnerabilities
2012-05-02 00:00:00
GLSA-201206-09 : MediaWiki: Multiple vulnerabilities
2012-06-22 00:00:00
gentoo
gentoo
MediaWiki: Multiple vulnerabilities
2012-06-21 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201206-09 (MediaWiki)
2012-08-10 00:00:00
Gentoo Security Advisory GLSA 201206-09 (MediaWiki)
2012-08-10 00:00:00