Описание
The make_clickable function in wp-includes/formatting.php in WordPress before 3.1.1 does not properly check URLs before passing them to the PCRE library, which allows remote attackers to cause a denial of service (crash) via a comment with a crafted URL that triggers many recursive calls.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.3.2+dfsg-1 |
| hardy | ignored | end of life |
| lucid | ignored | end of life |
| natty | ignored | end of life |
| oneiric | ignored | end of life |
| precise | not-affected | 3.3.1+dfsg-1 |
| quantal | not-affected | 3.3.2+dfsg-1 |
| raring | not-affected | 3.3.2+dfsg-1 |
| saucy | not-affected | 3.3.2+dfsg-1 |
| upstream | released | 3.1.1 |
Показывать по
5 Medium
CVSS2
Связанные уязвимости
The make_clickable function in wp-includes/formatting.php in WordPress before 3.1.1 does not properly check URLs before passing them to the PCRE library, which allows remote attackers to cause a denial of service (crash) via a comment with a crafted URL that triggers many recursive calls.
The make_clickable function in wp-includes/formatting.php in WordPress ...
The make_clickable function in wp-includes/formatting.php in WordPress before 3.1.1 does not properly check URLs before passing them to the PCRE library, which allows remote attackers to cause a denial of service (crash) via a comment with a crafted URL that triggers many recursive calls.
5 Medium
CVSS2