Summary
The host is running WordPress and is prone to a Denial of Service vulnerability.
Impact
Successful exploitation will allow an attacker to cause a Denial of Service through high CPU consumption.
Impact Level: System/Application
Solution
Upgrade to WordPress version 2.8.5 or later.
http://wordpress.org/download/
Insight
An error occurs in wp-trackbacks.php due to improper validation of user-supplied data passed into the 'mb_convert_encoding()' function. This can be exploited by sending multiple-source character encodings into the function.
Affected
WordPress versions prior to 2.8.5 on all platforms.
References
Severity
Classification
CVE: CVE-2009-3622
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- ClamAV 'cli_pdf()' PDF File Processing Denial Of Service Vulnerability
- chm2pdf Insecure Temporary File Creation or DoS Vulnerability
- Apple Safari 'WebKit.dll' Stack Consumption Vulnerability
- Firefox XUL Parsing Denial of Service Vulnerability (Win)
- Asterisk T.38 Negotiation Remote Denial Of Service Vulnerability