9 matches found
Mageia: Security Advisory (MGASA-2014-0506)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-9277
CVE-2014-9277 affects MediaWiki: The wfMangleFlashPolicy function in OutputHandler.php allows remote PHP object injection via a crafted request containing , affecting MediaWiki versions pre-1.19.22, 1.20.x up to pre-1.22.14, and pre-1.23.7. Impact is PHP object injection; remediation is upgrading...
CVE-2014-9277
The wfMangleFlashPolicy function in OutputHandler.php in MediaWiki before 1.19.22, 1.20.x through 1.22.x before 1.22.14, and 1.23.x before 1.23.7 allows remote attackers to conduct PHP object injection attacks via a crafted string containing in a PHP format request, which causes the string length...
[SECURITY] [DSA 3100-1] mediawiki security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3100-1 [email protected] http://www.debian.org/security/ Sebastien Delafond December 12, 2014 http://www.debian.org/security/faq -...
Mandriva Linux Security Advisory : mediawiki (MDVSA-2014:241)
Updated mediawiki packages fix security vulnerabilies : In MediaWiki before 1.23.7, a missing CSRF check could allow reflected XSS on wikis that allow raw HTML CVE-2014-9276. MediaWiki's mangling, in MediaWiki before 1.23.7, could allow an article editor to inject code into API consumers that...
[SECURITY] [DSA 3100-1] mediawiki security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3100-1 [email protected] http://www.debian.org/security/ Sebastien Delafond December 12, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3100-1] mediawiki security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3100-1 [email protected] http://www.debian.org/security/ Sebastien Delafond December 12, 2014 http://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-3100-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated mediawiki packages fix security vulnerabilies
In MediaWiki before 1.23.7, a missing CSRF check could allow reflected XSS on wikis that allow raw HTML CVE-2014-9276. MediaWiki's mangling, in MediaWiki before 1.23.7, could allow an article editor to inject code into API consumers that blindly unserialize PHP representations of the page from th...