Description

Algorithmic complexity vulnerability in wp-trackback.php in WordPress before 2.8.5 allows remote attackers to cause a denial of service (CPU consumption and server hang) via a long title parameter in conjunction with a charset parameter composed of many comma-separated "UTF-8" substrings, related to the mb_convert_encoding function in PHP.

Remediation

References

CVE-2009-3622

Related Vulnerabilities

WordPress Plugin Comment Rating Cross-Site Request Forgery (2.9.20)

Plone CMS CVE-2011-0720 Vulnerability (CVE-2011-0720)

WebLogic CVE-2019-2441 Vulnerability (CVE-2019-2441)

WordPress Plugin wp Dreamwork Gallery Arbitrary File Upload (2.3)

SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8156)

Severity

Medium

Classification

CVE-2009-3622

Tags

Missing Update Known Vulnerabilities