Lucene search
Ubuntu.comUB:CVE-2012-1578HistorySep 09, 2012 - 12:00 a.m.
CVE-2012-1578
2012-09-0900:00:00
ubuntu.com
ubuntu.com
5
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
71.0%
Multiple cross-site request forgery (CSRF) vulnerabilities in MediaWiki
1.17.x before 1.17.3 and 1.18.x before 1.18.2 allow remote attackers to
hijack the authentication of users with the block permission for requests
that (1) block a user via a request to the Block module or (2) unblock a
user via a request to the Unblock module.
Bugs
Notes
| Author | Note |
|---|---|
| micahg | Debian maintainer said 1.15 isn’t affected, see 1:1.15.5-9 changelog |
Related
prion
prion
Cross site request forgery (csrf)
2012-09-09 21:55:00
cve
cve
CVE-2012-1578
2012-09-09 21:55:05
cvelist
cvelist
CVE-2012-1578
2012-09-09 21:00:00
nvd
nvd
CVE-2012-1578
2012-09-09 21:55:05
debiancve
debiancve
CVE-2012-1578
2012-09-09 21:55:05
nessus
nessus
MediaWiki < 1.17.3 / 1.18.2 Multiple Vulnerabilities
2012-05-02 00:00:00
GLSA-201206-09 : MediaWiki: Multiple vulnerabilities
2012-06-22 00:00:00
gentoo
gentoo
MediaWiki: Multiple vulnerabilities
2012-06-21 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201206-09 (MediaWiki)
2012-08-10 00:00:00
Gentoo Security Advisory GLSA 201206-09 (MediaWiki)
2012-08-10 00:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
71.0%
Related for UB:CVE-2012-1578