Advisories ยป MGASA-2013-0198

Updated wordpress package fixes security vulnerabilities

Publication date: 01 Jul 2013
Type: security
Affected Mageia releases : 2 , 3
CVE: CVE-2013-2173 , CVE-2013-2199 , CVE-2013-2200 , CVE-2013-2201 , CVE-2013-2202 , CVE-2013-2203 , CVE-2013-2204 , CVE-2013-2205


A denial of service flaw was found in the way Wordpress, a blog tool and
publishing platform, performed hash computation when checking password for
password protected blog posts. A remote attacker could provide a specially-
crafted input that, when processed by the password checking mechanism of
Wordpress would lead to excessive CPU consumption (CVE-2013-2173).

Inadequate SSRF protection for HTTP requests where the user can provide a
URL can allow for attacks against the intranet and other sites. This is a
continuation of work related to CVE-2013-0235, which was specific to SSRF
in pingback requests and was fixed in 3.5.1 (CVE-2013-2199).

Inadequate checking of a user's capabilities could allow them to publish
posts when their user role should not allow for it; and to assign posts to
other authors (CVE-2013-2200).

Inadequate escaping allowed an administrator to trigger a cross-site
scripting vulnerability through the uploading of media files and plugins

The processing of an oEmbed response is vulnerable to an XXE

If the uploads directory is not writable, error message data returned via
XHR will include a full path to the directory (CVE-2013-2203).

Content Spoofing in the MoxieCode (TinyMCE) MoxiePlayer project

Cross-domain XSS in SWFUpload (CVE-2013-2205).