SB2017101951 - Multiple vulnerabilities in MediaWiki



Published: October 19, 2017
Updated: April 10, 2021

Security Bulletin ID: SB2017101951
Severity: Medium
Patch available: YES
Number of vulnerabilities: 5
Exploitation vector: Remote access
Highest impact: Data manipulation

Breakdown by Severity

Medium 60%, Low 40%

Description

This security bulletin contains information about 5 security vulnerabilities.


1) Cross-site scripting (CVE-ID: CVE-2012-4377)

The vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

An input validation error exists in MediaWiki before 1.18.5 and 1.19.x before 1.19.2. A remote authenticated attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the victim's browser in the security context of the vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.


2) Cross-site scripting (CVE-ID: CVE-2012-4378)

The vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

An input validation error exists in MediaWiki before 1.18.5 and 1.19.x before 1.19.2, when unspecified JavaScript gadgets are used, in the processing of the userlang parameter to w/index.php. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the victim's browser in the security context of the vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.


3) Improper access control (CVE-ID: CVE-2012-4379)

The vulnerability allows a remote non-authenticated attacker to manipulate data.

MediaWiki before 1.18.5 and 1.19.x before 1.19.2 does not send a restrictive X-Frame-Options HTTP header, which allows remote attackers to conduct clickjacking attacks via an embedded API response in an IFRAME element.
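
After updating, the missing-header condition described above can be checked directly on server responses. The following Python code is an added example, not code from this bulletin or from MediaWiki; the sample responses and their labels are constructed, and treating only DENY and SAMEORIGIN as restrictive is a conservative audit rule assumed here.

```python
# Added example (not MediaWiki code): audit raw HTTP responses for a
# restrictive X-Frame-Options header. All sample responses are constructed.
RESTRICTIVE = {"DENY", "SAMEORIGIN"}

def parse_headers(raw):
    """Return (lowercased name, value) pairs from a raw HTTP response."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    pairs = []
    for line in head.split("\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            pairs.append((name.strip().lower(), value.strip()))
    return pairs

def frame_policy(raw):
    """Classify one response as 'restrictive', 'weak' or 'missing'."""
    values = []
    for name, value in parse_headers(raw):
        if name == "x-frame-options":
            # Repeated headers and comma-joined values are both collected.
            values += [v.strip().upper() for v in value.split(",") if v.strip()]
    if not values:
        return "missing"
    # Conservative audit rule: every value must be DENY or SAMEORIGIN.
    # ALLOW-FROM is flagged because current browsers do not honour it.
    return "restrictive" if all(v in RESTRICTIVE for v in values) else "weak"

def audit(responses):
    """Return {label: policy} for every response that is not restrictive."""
    findings = {}
    for label, raw in responses.items():
        policy = frame_policy(raw)
        if policy != "restrictive":
            findings[label] = policy
    return findings

# Constructed samples; the labels are hypothetical, not captured traffic.
SAMPLES = {
    "api-no-header": "HTTP/1.1 200 OK\r\nContent-Type: application/json\r\n\r\n{}",
    "api-deny": "HTTP/1.1 200 OK\r\nx-frame-options: deny\r\n\r\n{}",
    "page-sameorigin": "HTTP/1.1 200 OK\r\nX-Frame-Options: SAMEORIGIN\r\n\r\n<html>",
    "page-allow-from": "HTTP/1.1 200 OK\r\nX-Frame-Options: ALLOW-FROM https://example.org\r\n\r\n",
    "page-mixed": "HTTP/1.1 200 OK\r\nX-Frame-Options: SAMEORIGIN\r\nX-Frame-Options: ALLOWALL\r\n\r\n",
}

if __name__ == "__main__":
    for label, policy in sorted(audit(SAMPLES).items()):
        print(f"{label}: {policy}")
```
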


4) Improper access control (CVE-ID: CVE-2012-4380)

The vulnerability allows a remote non-authenticated attacker to manipulate data.

MediaWiki before 1.18.5 and 1.19.x before 1.19.2 allows remote attackers to bypass GlobalBlocking extension IP address blocking and create an account via unspecified vectors.


5) Information disclosure (CVE-ID: CVE-2012-4382)

The vulnerability allows a remote privileged user to gain access to sensitive information.

MediaWiki before 1.18.5 and 1.19.x before 1.19.2 does not properly protect user block metadata, which allows remote administrators to read a user block reason via a reblock attempt.


Remediation

Install the update from the vendor's website.