Description

The wikitext parser in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allows remote attackers to cause a denial of service (infinite loop) via certain input, as demonstrated by the padleft function.

Remediation

References

CVE-2012-4885

Related Vulnerabilities

MySQL CVE-2020-14591 Vulnerability (CVE-2020-14591)

Drupal Core Security Bypass (8.0.0 - 9.2.21)

WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.30)

WordPress Plugin File Manager Arbitrary File Upload (6.8)

Jboss EAP Improper Input Validation Vulnerability (CVE-2010-1871)

Severity

Medium

Classification

CVE-2012-4885

Tags

Missing Update Known Vulnerabilities