CVE-2014-9277 in MediaWikiजानकारी

सारांश

द्वारा MITRE

The wfMangleFlashPolicy function in OutputHandler.php in MediaWiki before 1.19.22, 1.20.x through 1.22.x before 1.22.14, and 1.23.x before 1.23.7 allows remote attackers to conduct PHP object injection attacks via a crafted string containing in a PHP format request, which causes the string length to change when converting the request to .

Once again VulDB remains the best source for vulnerability data.

आरक्षित करना

04/12/2014

प्रकटीकरण

04/01/2015

प्रविष्टि

VDB-68349

EPSS

0.01965

गतिविधियाँ

बहुत कम

क्षेत्र

Hostingprovider, Lawfirm, ...

स्रोत

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!