Bug 476621
| Summary: | mediawiki: multiple XSS and CSRF issues (CVE-2008-5249, CVE-2008-5250, CVE-2008-5252, CVE-2008-5687, CVE-2008-5688) | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Tomas Hoger <thoger> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | axel.thimm, ian, jrusnack, roozbeh, smooge |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2008-12-27 18:45:36 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Tomas Hoger
2008-12-16 09:34:37 UTC
CVEs assigned to the mentioned MediaWiki update: CVE-2008-5249 Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.0 through 1.13.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CVE-2008-5250 Cross-site scripting (XSS) vulnerability in MediaWiki before 1.6.11, 1.12.x before 1.12.2, and 1.13.x before 1.13.3, when Internet Explorer is used and uploads are enabled, or an SVG scripting browser is used and SVG uploads are enabled, allows remote authenticated users to inject arbitrary web script or HTML by editing a wiki page. CVE-2008-5252 Cross-site request forgery (CSRF) vulnerability in the Special:Import feature in MediaWiki 1.3.0 through 1.6.10, 1.12.x before 1.12.2, and 1.13.x before 1.13.3 allows remote attackers to perform unspecified actions as authenticated users via unknown vectors. As well as other two issue mentioned in the upstream announcement, treated as security enhancement rather than vulnerability fixes by upstream: CVE-2008-5687 MediaWiki 1.11 through 1.13.3 does not properly protect against the download of backups of deleted images, which might allow remote attackers to obtain sensitive information via requests for files in images/deleted/. CVE-2008-5688 MediaWiki 1.8.1 through 1.13.3, when the wgShowExceptionDetails variable is enabled, sometimes provides the full installation path in a debugging message, which might allow remote attackers to obtain sensitive information via unspecified requests that trigger an uncaught exception. (Path disclosure is not really an issue for Fedora packages, that install MediaWiki in a known directory.) mediawiki-1.13.3-42.fc9 has been submitted as an update for Fedora 9. http://admin.fedoraproject.org/updates/mediawiki-1.13.3-42.fc9 mediawiki-1.13.3-41.99.fc8 has been submitted as an update for Fedora 8. http://admin.fedoraproject.org/updates/mediawiki-1.13.3-41.99.fc8 mediawiki-1.13.3-42.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/mediawiki-1.13.3-42.fc10 mediawiki-1.13.3-41.99.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report. mediawiki-1.13.3-41.99.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report. mediawiki-1.13.3-42.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report. mediawiki-1.13.3-42.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report. |