Executive Summary

Informations
NameCVE-2005-4501First vendor Publication2005-12-22
VendorCveLast vendor Modification2011-03-07

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Cvss Base Score4.3Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

MediaWiki before 1.5.4 uses a hard-coded "internal placeholder string", which allows remote attackers to bypass protection against cross-site scripting (XSS) attacks and execute Javascript using inline style attributes, which are processed by Internet Explorer.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4501

CPE : Common Platform Enumeration

TypeDescriptionCount
Application45

OpenVAS Exploits

DateDescription
2008-09-04Name : FreeBSD Ports: mediawiki
File : nvt/freebsd_mediawiki.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
21960MediaWiki Hardcoded Placeholder String Inline Style Attribute Security Bypass...

Nessus® Vulnerability Scanner

DateDescription
2006-05-13Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_99015cf5c4dd11dab2fb000e0c2e438a.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
BIDhttp://www.securityfocus.com/bid/16032
CONFIRMhttp://www.mediawiki.org/wiki/Download
SECUNIAhttp://secunia.com/advisories/18219
http://secunia.com/advisories/18717
SUSEhttp://lists.suse.com/archive/suse-security-announce/2006-Feb/0001.html
VUPENhttp://www.vupen.com/english/advisories/2005/3059
XFhttp://xforce.iss.net/xforce/xfdb/23882

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2014-02-17 10:33:59
  • Multiple Updates
2013-05-11 11:38:05
  • Multiple Updates