Executive Summary

Informations
NameCVE-2010-2789First vendor Publication2011-04-26
VendorCveLast vendor Modification2011-07-19

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score6.8Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

PHP remote file inclusion vulnerability in MediaWikiParserTest.php in MediaWiki 1.16 beta, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via unspecified vectors.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2789

CWE : Common Weakness Enumeration

idName
CWE-94Failure to Control Generation of Code ('Code Injection')

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

OpenVAS Exploits

DateDescription
2012-08-10Name : Gentoo Security Advisory GLSA 201206-09 (MediaWiki)
File : nvt/glsa_201206_09.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
73157MediaWiki MediaWikiParserTest.php Unspecified Parameter Remote File Inclusion

Nessus® Vulnerability Scanner

DateDescription
2012-06-22Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201206-09.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
MLISThttp://lists.wikimedia.org/pipermail/mediawiki-announce/2010-July/000092.html
http://openwall.com/lists/oss-security/2010/07/29/4

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2014-02-17 10:56:34
  • Multiple Updates
2013-05-10 23:29:23
  • Multiple Updates