Bug 357731 - (CVE-2007-5710) CVE-2007-5710 wordpress XSS issue
CVE-2007-5710 wordpress XSS issue
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: wordpress (Show other bugs)
rawhide
All Linux
low Severity low
: ---
: ---
Assigned To: John Berninger
Fedora Extras Quality Assurance
source=gentoo,reported=20071030,publi...
: Reopened, Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-10-30 04:41 EDT by Tomas Hoger
Modified: 2007-11-30 17:12 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-10-30 09:16:40 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Tomas Hoger 2007-10-30 04:41:26 EDT
Another possible XSS issue was reported for wordpress:

  http://www.frsirt.com/english/advisories/2007/3640

A vulnerability has been identified in WordPress, which could be exploited by
attackers to execute arbitrary scripting code. This issue is caused by an input
validation error in the "wp-admin/edit-post-rows.php" script when processing the
"posts_columns" parameter, which could be exploited by attackers to cause
arbitrary scripting code to be executed by the user's browser in the security
context of an affected Web site.

Original advisory:
  http://www.waraxe.us/advisory-59.html

Upstream advisory:
  http://wordpress.org/development/2007/10/wordpress-231/

Upstream patch (seems to prevent direct access to affected file):
  http://trac.wordpress.org/changeset/6258

This issue only seems to affect wordpress 2.3, which is only in devel/f9 now. 
Older versions in f7 and f8 do not seem to contain affected file.  Moreover,
exploitation requires register_globals to be enabled, which is not recommended
setup (for years now) nor out default php configuration.
Comment 1 Adrian Reber 2007-10-30 05:10:19 EDT
Fixed and built in devel and EL-5 branch.
Comment 2 John Berninger 2007-10-30 09:15:41 EDT
Needs to be built for FC-6, F-7, and F-8 as well
Comment 3 John Berninger 2007-10-30 09:16:40 EDT
Nevermind.  Note to self: read.
Comment 4 Tomas Hoger 2007-10-31 04:12:04 EDT
CVE id CVE-2007-5710 was assigned to this.

Note You need to log in before you can comment on or make changes to this bug.