CVE-2014-1610
MEDIUM severity · CVSS 6 · Improper input validation
6CVSS MEDIUM
Summary
MediaWiki 1.22.x before 1.22.2, 1.21.x before 1.21.5, and 1.19.x before 1.19.11, when DjVu or PDF file upload support is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the page parameter to includes/media/DjVu.php; (2) the w parameter (aka width field) to thumb.php, which is not properly handled by includes/media/PdfHandler_body.php; and possibly unspecified vectors in (3) includes/media/Bitmap.php and (4) includes/media/ImageHandler.php.
Impact & exploitability
Attack vectorNetwork
Attack complexity—
Privileges required—
User interaction—
Confidentiality impact—
Integrity impact—
Availability impact—
Exploit probability (EPSS)43%
AV:N/AC:M/Au:S/C:P/I:P/A:P
Affected products we track (1)
Recommendation
Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.
Additional information
- NVD record
- http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-January/000140.htmlAdvisory
- http://secunia.com/advisories/56695Advisory
- http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127942.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127948.html
- http://osvdb.org/102630
- http://secunia.com/advisories/57472
- http://www.checkpoint.com/defense/advisories/public/2014/cpai-26-jan.html
- http://www.checkpoint.com/threatcloud-central/articles/2014-01-28-tc-researchers-discover.html