admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2014/1xxx/CVE-2014-1610.json

153 lines
5.3 KiB
JSON
Raw Blame History

{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1610",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MediaWiki 1.22.x before 1.22.2, 1.21.x before 1.21.5, and 1.19.x before 1.19.11, when DjVu or PDF file upload support is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the page parameter to includes/media/DjVu.php; (2) the w parameter (aka width field) to thumb.php, which is not properly handled by includes/media/PdfHandler_body.php; and possibly unspecified vectors in (3) includes/media/Bitmap.php and (4) includes/media/ImageHandler.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "31329",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/31329/"
},
{
"name" : "[MediaWiki-announce] 20140128 MediaWiki Security Releases: 1.22.2, 1.21.5 and 1.19.11",
"refsource" : "MLIST",
"url" : "http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-January/000140.html"
},
{
"name" : "http://www.checkpoint.com/defense/advisories/public/2014/cpai-26-jan.html",
"refsource" : "MISC",
"url" : "http://www.checkpoint.com/defense/advisories/public/2014/cpai-26-jan.html"
},
{
"name" : "https://bugzilla.wikimedia.org/attachment.cgi?id=14361&action=diff",
"refsource" : "MISC",
"url" : "https://bugzilla.wikimedia.org/attachment.cgi?id=14361&action=diff"
},
{
"name" : "https://bugzilla.wikimedia.org/attachment.cgi?id=14384&action=diff",
"refsource" : "MISC",
"url" : "https://bugzilla.wikimedia.org/attachment.cgi?id=14384&action=diff"
},
{
"name" : "https://gerrit.wikimedia.org/r/#/c/110069/",
"refsource" : "MISC",
"url" : "https://gerrit.wikimedia.org/r/#/c/110069/"
},
{
"name" : "https://gerrit.wikimedia.org/r/#/c/110069/2/includes/media/Bitmap.php",
"refsource" : "MISC",
"url" : "https://gerrit.wikimedia.org/r/#/c/110069/2/includes/media/Bitmap.php"
},
{
"name" : "https://gerrit.wikimedia.org/r/#/c/110215/",
"refsource" : "MISC",
"url" : "https://gerrit.wikimedia.org/r/#/c/110215/"
},
{
"name" : "http://www.checkpoint.com/threatcloud-central/articles/2014-01-28-tc-researchers-discover.html",
"refsource" : "MISC",
"url" : "http://www.checkpoint.com/threatcloud-central/articles/2014-01-28-tc-researchers-discover.html"
},
{
"name" : "https://bugzilla.wikimedia.org/show_bug.cgi?id=60339",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.wikimedia.org/show_bug.cgi?id=60339"
},
{
"name" : "DSA-2891",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2891"
},
{
"name" : "FEDORA-2014-1745",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127948.html"
},
{
"name" : "FEDORA-2014-1802",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127942.html"
},
{
"name" : "65223",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/65223"
},
{
"name" : "102630",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/102630"
},
{
"name" : "102631",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/102631"
},
{
"name" : "1029707",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029707"
},
{
"name" : "56695",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56695"
},
{
"name" : "57472",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/57472"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink