Описание
thumb.php in MediaWiki before 1.15.2, when used with access-restriction mechanisms such as img_auth.php, does not check user permissions before providing scaled images, which allows remote attackers to bypass intended access restrictions and read private images via unspecified manipulations.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 1:1.15.1-1ubuntu1 |
| hardy | released | 1:1.11.2-2ubuntu0.7 |
| intrepid | ignored | end of life, was needed |
| jaunty | released | 1:1.13.3-1ubuntu2.4 |
| karmic | released | 1:1.15.0-1.1ubuntu0.4 |
| lucid | released | 1:1.15.1-1ubuntu1 |
| upstream | released | 1.15.2 |
Показывать по
4.3 Medium
CVSS2
Связанные уязвимости
thumb.php in MediaWiki before 1.15.2, when used with access-restriction mechanisms such as img_auth.php, does not check user permissions before providing scaled images, which allows remote attackers to bypass intended access restrictions and read private images via unspecified manipulations.
thumb.php in MediaWiki before 1.15.2, when used with access-restriction mechanisms such as img_auth.php, does not check user permissions before providing scaled images, which allows remote attackers to bypass intended access restrictions and read private images via unspecified manipulations.
thumb.php in MediaWiki before 1.15.2, when used with access-restrictio ...
thumb.php in MediaWiki before 1.15.2, when used with access-restriction mechanisms such as img_auth.php, does not check user permissions before providing scaled images, which allows remote attackers to bypass intended access restrictions and read private images via unspecified manipulations.
4.3 Medium
CVSS2