← Back to branch summary

~ubuntu-security/ubuntu-cve-tracker/master

« back to all changes in this revision

Viewing changes to active/CVE-2015-2932

  • Committer: Steve Beattie
  • Date: 2019-02-19 06:18:27 UTC
  • Revision ID: sbeattie@ubuntu.com-20190219061827-oh57fzcfc1u9dlfk
The ubuntu-cve-tracker project has been converted to git.

Please use 'git clone https://git.launchpad.net/ubuntu-cve-tracker' to
get the converted tree.

Show diffs side-by-side

added added

removed removed

Lines of Context:
active/CVE-2015-2932
1
 
Candidate: CVE-2015-2932
2
 
PublicDate: 2015-04-13
3
 
References:
4
 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2932
5
 
 https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
6
 
 http://www.openwall.com/lists/oss-security/2015/04/01/1
7
 
Description:
8
 
 Incomplete blacklist vulnerability in MediaWiki before 1.19.24, 1.2x before
9
 
 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject
10
 
 arbitrary web script or HTML via an animated href XLink element.
11
 
Ubuntu-Description:
12
 
Notes:
13
 
Bugs:
14
 
Priority: medium
15
 
Discovered-by:
16
 
Assigned-to:
17
 
 
18
 
Patches_mediawiki:
19
 
upstream_mediawiki: released (1:1.19.20+dfsg-2.3)
20
 
lucid_mediawiki: ignored (reached end-of-life)
21
 
precise_mediawiki: ignored (reached end-of-life)
22
 
precise/esm_mediawiki: DNE (precise was needed)
23
 
trusty_mediawiki: needed
24
 
utopic_mediawiki: ignored (reached end-of-life)
25
 
vivid_mediawiki: ignored (reached end-of-life)
26
 
vivid/stable-phone-overlay_mediawiki: DNE
27
 
vivid/ubuntu-core_mediawiki: DNE
28
 
wily_mediawiki: ignored (reached end-of-life)
29
 
xenial_mediawiki: DNE
30
 
yakkety_mediawiki: ignored (reached end-of-life)
31
 
zesty_mediawiki: ignored (reached end-of-life)
32
 
artful_mediawiki: needed
33
 
bionic_mediawiki: needed
34
 
devel_mediawiki: needed