CVE-2008-5252
openSUSE 11.0
CVE-2008-5252, security advisory, novell, suse linux, suse, security, cve

CVE-2008-5252

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2008-5252 at MITRE

Description

Cross-site request forgery (CSRF) vulnerability in the Special:Import feature in MediaWiki 1.3.0 through 1.6.10, 1.12.x before 1.12.2, and 1.13.x before 1.13.3 allows remote attackers to perform unspecified actions as authenticated users via unknown vectors.

SUSE information

CVSS v2 Scores
  National Vulnerability Database
Base Score 5.76
Vector AV:N/AC:M/Au:N/C:N/I:P/A:P
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact None
Integrity Impact Partial
Availability Impact Partial
SUSE Bugzilla entries: 443303 [RESOLVED / DUPLICATE], 459058 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 11.0
  • mediawiki-debuginfo >= 1.11.2-36.2
openSUSE 11.0
  • mediawiki >= 1.11.2-36.2