CVE-2010-2789

Executive Summary

Informations
Name	CVE-2010-2789	First vendor Publication	2011-04-26
Vendor	Cve	Last vendor Modification	2011-07-19

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score	6.8	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

PHP remote file inclusion vulnerability in MediaWikiParserTest.php in MediaWiki 1.16 beta, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via unspecified vectors.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2789

CWE : Common Weakness Enumeration

id	Name
CWE-94	Failure to Control Generation of Code ('Code Injection')

CPE : Common Platform Enumeration

Type	Description	Count
Application	Mediawiki Mediawiki cpe:/a:mediawiki:mediawiki:1.16:beta1	1

Open Source Vulnerability Database (OSVDB)

id	Description
73157	MediaWiki MediaWikiParserTest.php Unspecified Parameter Remote File Inclusion

Internal Sources (Detail)

Source	Url
MLIST	http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-July/000092.html http://openwall.com/lists/oss-security/2010/07/29/4

Alert History

If you want to see full details history, please login or register.

Date	Informations
2013-05-10 23:29:23	Multiple Updates

Type	Count
CPE ID(s)	1
osvdb(s)	1

Related	Severity
GLSA-201206-09	(High)

Same Subject	Severity
Login to view 13 more Alert(s)

Facebook rss twitter linkedin mail

CVE-2010-2789

Executive Summary

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

CPE : Common Platform Enumeration

Open Source Vulnerability Database (OSVDB)

Internal Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU