oss-sec mailing list archives

Re: CVE request: Wordpress 2.8.6

From: Josh Bressers <bressers () redhat com>
Date: Mon, 16 Nov 2009 16:24:47 -0500 (EST)

Let's use these:

CVE-2009-3890 wordpress OSVDB 59958
CVE-2009-3891 wordpress OSVDB 59959

Thanks.

-- 
    JB

----- "security curmudgeon" <jericho () attrition org> wrote:

On Sun, 15 Nov 2009, Alex Legler wrote:

: Wordpress released an update, fixing 2 issues:
: 
: "2.8.6 fixes two security problems that can be exploited by
registered, 
: logged in users who have posting privileges.  If you have untrusted

: authors on your blog, upgrading to 2.8.6 is recommended.
: 
: The first problem is an XSS vulnerability in Press This discovered
by 
: Benjamin Flesch.  The second problem, discovered by Dawid Golunski,
is 
: an issue with sanitizing uploaded file names that can be exploited
in 
: certain Apache configurations. Thanks to Benjamin and Dawid for
finding 
: and reporting these."
: 
: from
:
http://wordpress.org/development/2009/11/wordpress-2-8-6-security-release/
: 
: I believe these are the matching tickets:
: Issue 1: http://core.trac.wordpress.org/ticket/11119
: Issue 2: http://core.trac.wordpress.org/ticket/11122

OSVDB   Disclosure              Title

59958         2009-11-12              WordPress /wp-includes/functions.php
wp_check_filetype() Function File Upload Arbitrary Code Execution 

59959         2009-11-12              WordPress press-this.php Unspecified XSS

Current thread:

CVE request: Wordpress 2.8.6 Alex Legler (Nov 15)
- Re: CVE request: Wordpress 2.8.6 security curmudgeon (Nov 15)
  - Re: CVE request: Wordpress 2.8.6 Josh Bressers (Nov 16)