FKIE_CVE-2010-1150

Vulnerability from fkie_nvd - Published: 2010-04-20 15:30 - Updated: 2026-04-29 01:13
Severity
Summary
MediaWiki before 1.15.3, and 1.6.x before 1.16.0beta2, does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to conduct phishing attacks by arranging for a victim to login to the attacker's account and then execute a crafted user script, related to a "login CSRF" issue.
References
secalert@redhat.comhttp://download.wikimedia.org/mediawiki/1.15/mediawiki-1.15.3.patch.gzPatch
secalert@redhat.comhttp://download.wikimedia.org/mediawiki/1.16/mediawiki-1.16.0beta2.patch.gzPatch
secalert@redhat.comhttp://lists.wikimedia.org/pipermail/mediawiki-announce/2010-April/000090.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_15_3/phase3/RELEASE-NOTES
secalert@redhat.comhttp://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_0beta2/phase3/RELEASE-NOTES
secalert@redhat.comhttp://www.debian.org/security/2010/dsa-2041
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2010/04/07/1
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2010/04/08/4
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1055
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=580418
secalert@redhat.comhttps://bugzilla.wikimedia.org/show_bug.cgi?id=23076Exploit
af854a3a-2127-422b-91ae-364da2661108http://download.wikimedia.org/mediawiki/1.15/mediawiki-1.15.3.patch.gzPatch
af854a3a-2127-422b-91ae-364da2661108http://download.wikimedia.org/mediawiki/1.16/mediawiki-1.16.0beta2.patch.gzPatch
af854a3a-2127-422b-91ae-364da2661108http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-April/000090.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_15_3/phase3/RELEASE-NOTES
af854a3a-2127-422b-91ae-364da2661108http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_0beta2/phase3/RELEASE-NOTES
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2010/dsa-2041
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2010/04/07/1
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2010/04/08/4
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1055
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=580418
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.wikimedia.org/show_bug.cgi?id=23076Exploit
Impacted products
Vendor Product Version
mediawiki mediawiki *
mediawiki mediawiki 1.6.0
mediawiki mediawiki 1.6.1
mediawiki mediawiki 1.6.2
mediawiki mediawiki 1.6.3
mediawiki mediawiki 1.6.4
mediawiki mediawiki 1.6.5
mediawiki mediawiki 1.6.6
mediawiki mediawiki 1.6.7
mediawiki mediawiki 1.6.8
mediawiki mediawiki 1.6.9
mediawiki mediawiki 1.6.10
mediawiki mediawiki 1.6.11
mediawiki mediawiki 1.6.12
mediawiki mediawiki 1.7.0
mediawiki mediawiki 1.7.1
mediawiki mediawiki 1.7.2
mediawiki mediawiki 1.7.3
mediawiki mediawiki 1.8.0
mediawiki mediawiki 1.8.1
mediawiki mediawiki 1.8.2
mediawiki mediawiki 1.8.3
mediawiki mediawiki 1.8.4
mediawiki mediawiki 1.8.5
mediawiki mediawiki 1.9.0
mediawiki mediawiki 1.9.0
mediawiki mediawiki 1.9.1
mediawiki mediawiki 1.9.2
mediawiki mediawiki 1.9.3
mediawiki mediawiki 1.9.4
mediawiki mediawiki 1.9.5
mediawiki mediawiki 1.9.6
mediawiki mediawiki 1.10.0
mediawiki mediawiki 1.10.0
mediawiki mediawiki 1.10.0
mediawiki mediawiki 1.10.1
mediawiki mediawiki 1.10.2
mediawiki mediawiki 1.10.3
mediawiki mediawiki 1.10.4
mediawiki mediawiki 1.11.0
mediawiki mediawiki 1.11.0
mediawiki mediawiki 1.11.1
mediawiki mediawiki 1.11.2
mediawiki mediawiki 1.12.0
mediawiki mediawiki 1.12.0
mediawiki mediawiki 1.12.1
mediawiki mediawiki 1.12.2
mediawiki mediawiki 1.12.3
mediawiki mediawiki 1.12.4
mediawiki mediawiki 1.13.0
mediawiki mediawiki 1.13.0
mediawiki mediawiki 1.13.0
mediawiki mediawiki 1.13.1
mediawiki mediawiki 1.13.2
mediawiki mediawiki 1.13.3
mediawiki mediawiki 1.13.4
mediawiki mediawiki 1.14.0
mediawiki mediawiki 1.14.0
mediawiki mediawiki 1.14.1
mediawiki mediawiki 1.15.0
mediawiki mediawiki 1.15.0
mediawiki mediawiki 1.15.1
mediawiki mediawiki 1.16.0
mediawiki mediawiki 1.16.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACE51DAF-5F7F-44B6-9BB9-13C541FD5EAE",
              "versionEndIncluding": "1.15.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3EAF847-B64C-4C12-8BF2-631F61B0618E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09EF3827-9C87-4043-B10A-1D6AFCB64F57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08B1EDE8-940E-47C1-9CDA-C6BBE1BB9A11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4554900-E09D-4D9D-99D4-FE5FDB3CDE78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "93EB0312-A147-4307-9491-46AEC2EC727C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "48929086-E08E-472D-A503-4CA803A840D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A98675FD-C9EA-49AB-BA9F-2CF5898203C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB9B4718-DF85-4E77-B720-0EC3E0D318BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "132A745B-0A1B-4186-8BE2-88C24FF4A455",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "E710375D-F5B3-4998-AA7F-F931022CF6F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "3130C952-83B3-4755-99D7-D25C1447670E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "9842D148-50D2-4A52-A3E1-529670A25EBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.6.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A59DE5DF-B5A1-4C11-9FA9-03EA7F589694",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C632052-D84B-41A1-B46F-1C1D9ADC72CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF36A02-DF6B-4657-94F6-255E4163FBF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "60380B60-DD11-42C9-9388-AED3244F39A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "612210D5-FDBC-4A13-AACD-13198FE9D2DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "46046B16-3EE4-42C0-BA77-73300A641BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "136E5FD9-C0A0-4970-8852-D97C5BC723E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5FD2871-90BB-4AFA-89D0-B9B5BE365771",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "36D35193-8AF8-4CB9-A47D-A58DE389515E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E1CD7D7-546A-48FA-9C4C-1FB0CA22C6FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAD648C1-0908-43F8-951C-E7EBF8FB8CB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B40FB49B-1E96-44BC-A9B0-9BDB28F858A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.9.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "75D5AC3F-4D29-4882-A3C0-94951402ADD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3A0921C-BEC5-4646-96FD-0529828B5BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB4E8709-43E2-4ADC-8759-16AC265658C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A8A1D30-57E7-4010-B68A-8D22EA091FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EF7C683-F6E2-4D79-B0F9-234C9FAFB7C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "962C4B03-ABDF-4E94-8DE0-E035186E0F4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "841A4099-1EB3-448A-81C2-67A68CF4B5C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0983C0E-9035-4256-AC99-C2C81C1634E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.10.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "76F47EF6-2695-44FD-B4B0-9DE911BB57CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.10.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "FC61592E-7479-45C1-9263-D608B644EE79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5460DB30-FA14-4017-BC8B-15F9451469F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED2392D6-6ACF-4715-BBCD-B6DA9B91C750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0071C35-877F-44C6-BC39-B1AE885D7313",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD83CF24-FC29-40C4-8B07-5FB6591E9812",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A92668-4B5D-40A4-9A14-E7AD10086933",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.11.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "7266D827-F77D-4CC3-8237-4B35D072ACF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DB5EF0E-4E1B-4131-9142-5FBB59C235D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F59B5992-716F-4901-BDD1-0C7E24BF9148",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "746023B5-2472-4FC9-BEDF-FE6A321F12B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.12.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "0D18C85B-E82B-46AE-959E-3FD32DB6F294",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "66714539-F1E1-4C16-AA12-059EEB1B9DF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A80044C9-9F76-468E-84F7-D7D529004AE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7CD7F5A-F4E4-45B6-9179-BD1BCD75D297",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7BC3705-27C7-4969-AB6A-E7C09C708C21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "79CDE6D3-A26D-4ECD-B949-B9DDB53F67C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.13.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "D3CC82BE-8DEA-47D7-B6B7-2FFDFB728ADE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.13.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "AFD79470-63A7-438B-A3BE-CABDAD7F848C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A26F4C94-E3A5-456E-8E5E-36BA67DD4BD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.13.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7C6D23B-B5C1-4F10-9F62-E81F639FF40F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.13.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "13FA8F3C-2B6C-42FB-A6CE-EC2D8614E43D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.13.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "973B7468-970D-475C-AAB2-D81833EAF12B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F4A0789-0496-4940-A484-8B6689AA8770",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.14.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "241370F6-4941-43B4-AAD5-32A93AAC3B80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A236174-7262-478C-8C96-61428EBCC575",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.15.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAAC942E-1BA2-419C-B464-20529D825053",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.15.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "188AA942-A54E-4B48-A14E-1D4C2BB859EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "07D3ECE8-29AC-491A-BD11-1753EF65DA0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.16.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4416B074-0C5E-4DD3-AA4D-B54AC635F00D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediawiki:mediawiki:1.16.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "EBA4FDC8-2F1B-4054-82BC-B79566ABE8E6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "MediaWiki before 1.15.3, and 1.6.x before 1.16.0beta2, does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to conduct phishing attacks by arranging for a victim to login to the attacker\u0027s account and then execute a crafted user script, related to a \"login CSRF\" issue."
    },
    {
      "lang": "es",
      "value": "MediaWiki en versiones anteriores a la v1.15.3, y v1.6.x anteriores a la v1.16.0beta2, no gestiona apropiadamente un intento de inicio de sesi\u00f3n correctamente autenticado pero no deseado, lo que facilita a usuarios remotos autenticados realizar ataques de phishing arregl\u00e1ndoselas para que una v\u00edctima inicie sesi\u00f3n en la cuenta del atacante y luego ejecute un script de usuario modificado. Relacionada con el tipo de vulneravidad inicio de sesi\u00f3n CSRF."
    }
  ],
  "id": "CVE-2010-1150",
  "lastModified": "2026-04-29T01:13:23.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-04-20T15:30:00.367",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://download.wikimedia.org/mediawiki/1.15/mediawiki-1.15.3.patch.gz"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://download.wikimedia.org/mediawiki/1.16/mediawiki-1.16.0beta2.patch.gz"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-April/000090.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_15_3/phase3/RELEASE-NOTES"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_0beta2/phase3/RELEASE-NOTES"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2010/dsa-2041"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2010/04/07/1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2010/04/08/4"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/1055"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=580418"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "https://bugzilla.wikimedia.org/show_bug.cgi?id=23076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://download.wikimedia.org/mediawiki/1.15/mediawiki-1.15.3.patch.gz"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://download.wikimedia.org/mediawiki/1.16/mediawiki-1.16.0beta2.patch.gz"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-April/000090.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_15_3/phase3/RELEASE-NOTES"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_0beta2/phase3/RELEASE-NOTES"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2010/dsa-2041"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2010/04/07/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2010/04/08/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/1055"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=580418"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://bugzilla.wikimedia.org/show_bug.cgi?id=23076"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.