{ "id": "CVE-2005-2110", "sourceIdentifier": "cve@mitre.org", "published": "2005-07-05T04:00:00.000", "lastModified": "2024-11-20T23:58:49.263", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "WordPress 1.5.1.2 and earlier allows remote attackers to obtain sensitive information via (1) a direct request to menu-header.php or a \"1\" value in the feed parameter to (2) wp-atom.php, (3) wp-rss.php, or (4) wp-rss2.php, which reveal the path in an error message. NOTE: vector [1] was later reported to also affect WordPress 2.0.1." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "baseScore": 5.0, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE" }, "baseSeverity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:wordpress:wordpress:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "D7D86BA1-3DC8-478C-B2FA-581F9AE1F93E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:wordpress:wordpress:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6E7BEFBD-4326-44A5-A160-9406D94AB307" }, { "vulnerable": true, "criteria": "cpe:2.3:a:wordpress:wordpress:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E85A88D7-07A1-4A8C-88B5-057AD9C675E8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "FF1FE320-DF71-42EC-A0F0-300F7D6D4AB4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:wordpress:wordpress:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "503E4894-3F39-471F-9A56-052718813BF9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "38085E5A-7B41-4E43-8A22-5FD44970F3EA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "7F0BF1F6-A54A-48E8-A872-015FE10E5D03" } ] } ] } ], "references": [ { "url": "http://NeoSecurityTeam.net/advisories/Advisory-17.txt", "source": "cve@mitre.org" }, { "url": "http://marc.info/?l=bugtraq&m=112006967221438&w=2", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/15831", "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ] }, { "url": "http://www.gulftech.org/?node=research&article_id=00085-06282005", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "http://www.securityfocus.com/archive/1/426304/100/0/threaded", "source": "cve@mitre.org" }, { "url": "http://NeoSecurityTeam.net/advisories/Advisory-17.txt", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://marc.info/?l=bugtraq&m=112006967221438&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/15831", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ] }, { "url": "http://www.gulftech.org/?node=research&article_id=00085-06282005", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ] }, { "url": "http://www.securityfocus.com/archive/1/426304/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108" } ] }