#VU43931 Input validation error in WordPress - CVE-2011-4957

Cybersecurity Help s.r.o.

Published: 2012-06-28 | Updated: 2020-08-11

Vulnerability identifier: #VU43931

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2011-4957

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
WordPress
Web applications / CMS

Vendor: WordPress.ORG

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The make_clickable function in wp-includes/formatting.php in WordPress before 3.1.1 does not properly check URLs before passing them to the PCRE library, which allows remote attackers to cause a denial of service (crash) via a comment with a crafted URL that triggers many recursive calls.

Mitigation
Install update from vendor's website.

Vulnerable software versions

WordPress: 0.71, 1.0 - 1.0.2, 1.1.1, 1.2 - 1.2.5, 1.3, 1.3.2, 1.3.3, 1.5 - 1.5.2, 2.0 - 2.0.11, 2.1 - 2.1.3, 2.2 - 2.2.3, 2.3 - 2.3.3, 2.5 - 2.5.1, 2.6 - 2.6.5, 2.7 - 2.7.1, 2.8 - 2.8.6, 2.9 - 2.9.2, 3.0 - 3.0.6

External links
https://core.trac.wordpress.org/ticket/16892
https://secunia.com/advisories/44038
https://secunia.com/advisories/49138
https://wordpress.org/news/2011/04/wordpress-3-1-1/
https://www.debian.org/security/2012/dsa-2470
https://www.openwall.com/lists/oss-security/2012/04/19/17
https://www.openwall.com/lists/oss-security/2012/04/19/6

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in WordPress