Executive Summary

Informations
Name CVE-2005-4501 First vendor Publication 2005-12-22
Vendor Cve Last vendor Modification 2011-03-07

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Cvss Base Score 4.3 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

MediaWiki before 1.5.4 uses a hard-coded "internal placeholder string", which allows remote attackers to bypass protection against cross-site scripting (XSS) attacks and execute Javascript using inline style attributes, which are processed by Internet Explorer.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4501

CPE : Common Platform Enumeration

TypeDescriptionCount
Application45

OpenVAS Exploits

DateDescription
2008-09-04Name : FreeBSD Ports: mediawiki
File : nvt/freebsd_mediawiki.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
21960MediaWiki Hardcoded Placeholder String Inline Style Attribute Security Bypass...

Nessus® Vulnerability Scanner

DateDescription
2006-05-13Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_99015cf5c4dd11dab2fb000e0c2e438a.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/16032
CONFIRM http://www.mediawiki.org/wiki/Download
SECUNIA http://secunia.com/advisories/18219
http://secunia.com/advisories/18717
SUSE http://lists.suse.com/archive/suse-security-announce/2006-Feb/0001.html
VUPEN http://www.vupen.com/english/advisories/2005/3059
XF http://xforce.iss.net/xforce/xfdb/23882

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2014-02-17 10:33:59
  • Multiple Updates
2013-05-11 11:38:05
  • Multiple Updates