1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
Candidate: CVE-2011-0537
PublicDate: 2011-02-03
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0537
Description:
Multiple directory traversal vulnerabilities in (1) languages/Language.php
and (2) includes/StubObject.php in MediaWiki 1.8.0 and other versions
before 1.16.2, when running on Windows and possibly Novell Netware, allow
remote attackers to include and execute arbitrary local PHP files via
vectors related to a crafted language file and the Language::factory
function.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
Patches_mediawiki:
upstream_mediawiki: released (1.16.2)
dapper_mediawiki: ignored (reached end-of-life)
hardy_mediawiki: ignored (reached end-of-life)
karmic_mediawiki: ignored (reached end-of-life)
lucid_mediawiki: ignored (reached end-of-life)
maverick_mediawiki: ignored (reached end-of-life)
natty_mediawiki: ignored (reached end-of-life)
oneiric_mediawiki: ignored (reached end-of-life)
precise_mediawiki: ignored (reached end-of-life)
precise/esm_mediawiki: DNE (precise was needs-triage)
quantal_mediawiki: not-affected (1:1.19.2-1)
raring_mediawiki: not-affected (1:1.19.2-1)
saucy_mediawiki: not-affected (1:1.19.2-1)
trusty_mediawiki: not-affected (1:1.19.2-1)
utopic_mediawiki: not-affected (1:1.19.2-1)
vivid_mediawiki: not-affected (1:1.19.2-1)
vivid/stable-phone-overlay_mediawiki: DNE
vivid/ubuntu-core_mediawiki: DNE
wily_mediawiki: not-affected (1:1.19.2-1)
xenial_mediawiki: DNE
yakkety_mediawiki: not-affected
zesty_mediawiki: not-affected
devel_mediawiki: not-affected
|