Executive Summary

Informations
NameCVE-2012-0287First vendor Publication2012-01-05
VendorCveLast vendor Modification2012-10-11

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:N/I:P/A:N)
Cvss Base Score2.6Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityHigh
Cvss Expoit Score4.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Cross-site scripting (XSS) vulnerability in wp-comments-post.php in WordPress 3.3.x before 3.3.1, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via the query string in a POST operation that is not properly handled by the "Duplicate comment detected" feature.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0287

CWE : Common Weakness Enumeration

idName
CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

OpenVAS Exploits

DateDescription
2012-04-02Name : Fedora Update for wordpress FEDORA-2012-0248
File : nvt/gb_fedora_2012_0248_wordpress_fc16.nasl
2012-01-20Name : Fedora Update for wordpress FEDORA-2012-0247
File : nvt/gb_fedora_2012_0247_wordpress_fc15.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
78123WordPress wp-includes/functions.php wp_guess_url() Function Multiple Script U...

Nessus® Vulnerability Scanner

DateDescription
2012-01-17Name : The remote Fedora host is missing a security update.
File : fedora_2012-0247.nasl - Type : ACT_GATHER_INFO
2012-01-17Name : The remote Fedora host is missing a security update.
File : fedora_2012-0248.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
BIDhttp://www.securityfocus.com/bid/51237
CONFIRMhttps://wordpress.org/news/2012/01/wordpress-3-3-1/
MISChttp://oldmanlab.blogspot.com/2012/01/wordpress-33-xss-vulnerability.html
SECTRACKhttp://www.securitytracker.com/id?1026542

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2014-02-17 11:07:19
  • Multiple Updates
2013-05-10 22:32:08
  • Multiple Updates