2012-06-27 23:55:02 2012-06-28 14:57:22

The make_clickable function in wp-includes/formatting.php in WordPress before 3.1.1 does not properly check URLs before passing them to the PCRE library, which allows remote attackers to cause a denial of service (crash) via a comment with a crafted URL that triggers many recursive calls.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL
ontariosystems Artiva Healthcare 5.2 Maintenance Release 5 Omron NS Series System Program Firmware 8.69 Omeka 2.2 Open Automation Software OPC Systems.NET onesolutionapps Aloha Bail Bonds (aka com.onesolutionapps.alohabailbondsandroid) for android 1.1 Omeka 2.2.1 Omron NS12 HMI Terminal Open Automation Software OPC Systems.NET 4.0 onesolutionapps Bail Bonds (aka com.onesolutionapps.chadlewisbailbondsandroid) for android 1.1 Omeka 2.1.3 Open Automation Software OPC Systems.NET 5.0 Omron NS5 HMI Terminal Omron NS15 HMI Terminal onesolutionapps AJD Bail Bonds (aka com.onesolutionapps.ajdbailbondsandroid) for android 1.1 Open Classifieds 1.7.0.2 open-emr OpenEMR 3.1.0 One You Fitness project One You Fitness (aka com.app_oneyou.layout) for android 1.399 open-emr OpenEMR 3.2.0 Omron NS8 HMI Terminal onefile OneFile Ignite (aka uk.co.onefile.ignite) for android 1.19 onelouder FriendCaster Chat (aka com.handmark.friendcaster.chat) for Android 2.0 onesolutionapps Woodward Bail (aka com.onesolutionapps.woodwardbailandroid) for android 1.1 op5 Monitor 5.4.2 onesolutionapps Reds Anytime Bail (aka com.onesolutionapps.redsanytimebailandroid) for android 1.1 Online Solutions Online Solutions Security Suite (OSSS) 1.5.14905.0 op5 Monitor 5.3.5 Omron NS Series System Program Firmware 8.70 Omron NS10 HMI Terminal OneorZero Action and Information Management System (AIMS) 2.7.0 Trial Edition OPAC Project Opac for Drupal 7.x-2.0 OneorZero Action and Information Management System (AIMS) 2.7.0 op5 Monitor 6.3.1 op5 system-op5config 2.0.2 op5 system-op5config 2.0.3 op5 Monitor 5.5.3 op5 Monitor 6.3.0 opalvoip Portable Tool Library (aka PTLib) 2.10.2 OneorZero Action and Information Management System (AIMS) 2.8.0 Build 231211 Trial Edition ontariosystems Artiva Architect 3.2 Maintenance Release 5 opalvoip Portable Tool Library (aka PTLib) 2.10.9 onesolutionapps AAAA Discount Bail (aka com.onesolutionapps.aaaadiscountbailandroid) for android 1.1 onesolutionapps Bust Out Bail (aka com.onesolutionapps.bustoutbailandroid) for android 1.1 op5 Monitor 5.5.0 opalvoip Portable Tool Library (aka PTLib) 2.10.1 ontariosystems Artiva RM 3.1 Maintenance Release 7 op5 Monitor 5.4.0 opalvoip Portable Tool Library (aka PTLib) 2.10.7 opalvoip Portable Tool Library (aka PTLib) 2.10.10 Omron NS Series System Program Firmware 8.68 OneorZero Action and Information Management System (AIMS) 2.6.0 Members Edition open-emr OpenEMR 4.0.0 Linux Omnikey Cardman 4040 Omni Group OmniWeb 5.1 563.34 Linux Omnikey Cardman Omeka 2.0.1 Omeka 2.1.4 omnistaretools OmniStar Recruiting Omeka 2.2.2 ontariosystems Artiva Workstation 1.3.9 OMFG Mobile plugin for WordPress 1.1.26 Ooorl plugin for WordPress Omeka 1.5.2 Omeka 2.0.2 Omeka 2.0.3 Omeka 2.0.4 op5 Monitor 5.5.1 Omeka 1.5.1 Omeka 2.1.2 Omeka 2.1 Omeka 2.1.1 ontariosystems Artiva Workstation 1.3.0 Omeka 1.5.3 Omeka 2.0 op5 system-portal 1.6.2 op5 system-portal 1.6.1

Improper Input Validation (ID 20)

Related CAPEC 58 Buffer Overflow via Environment Variables (CAPEC-ID 10) Server Side Include (SSI) Injection (CAPEC-ID 101) Cross Zone Scripting (CAPEC-ID 104) Cross Site Scripting through Log Files (CAPEC-ID 106) Command Line Execution through SQL Injection (CAPEC-ID 108) Object Relational Mapping Injection (CAPEC-ID 109) SQL Injection through SOAP Parameter Tampering (CAPEC-ID 110) Subverting Environment Variable Values (CAPEC-ID 13) Format String Injection (CAPEC-ID 135) LDAP Injection (CAPEC-ID 136) Relative Path Traversal (CAPEC-ID 139) Client-side Injection-induced Buffer Overflow (CAPEC-ID 14) Variable Manipulation (CAPEC-ID 171) Embedding Scripts in Non-Script Elements (CAPEC-ID 18) Flash Injection (CAPEC-ID 182) Cross-Site Scripting Using Alternate Syntax (CAPEC-ID 199) Exploiting Trust in Client (aka Make the Client Invisible) (CAPEC-ID 22) XML Nested Payloads (CAPEC-ID 230) XML Oversized Payloads (CAPEC-ID 231) Filter Failure through Buffer Overflow (CAPEC-ID 24) Cross-Site Scripting via Encoded URI Schemes (CAPEC-ID 244) XML Injection (CAPEC-ID 250) Environment Variable Manipulation (CAPEC-ID 264) Global variable manipulation (CAPEC-ID 265) Leverage Alternate Encoding (CAPEC-ID 267) Fuzzing (CAPEC-ID 28) Using Leading 'Ghost' Character Sequences to Bypass Input Filters (CAPEC-ID 3) Accessing/Intercepting/Modifying HTTP Cookies (CAPEC-ID 31) Embedding Scripts in HTTP Query Strings (CAPEC-ID 32) MIME Conversion (CAPEC-ID 42) Exploiting Multiple Input Interpretation Layers (CAPEC-ID 43) Buffer Overflow via Symbolic Links (CAPEC-ID 45) Overflow Variables and Tags (CAPEC-ID 46) Buffer Overflow via Parameter Expansion (CAPEC-ID 47) Signature Spoof (CAPEC-ID 473) XML Client-Side Attack (CAPEC-ID 484) Embedding NULL Bytes (CAPEC-ID 52) Postfix, Null Terminate, and Backslash (CAPEC-ID 53) Simple Script Injection (CAPEC-ID 63) Using Slashes and URL Encoding Combined to Bypass Validation Logic (CAPEC-ID 64) SQL Injection (CAPEC-ID 66) String Format Overflow in syslog() (CAPEC-ID 67) Blind SQL Injection (CAPEC-ID 7) Using Unicode Encoding to Bypass Validation Logic (CAPEC-ID 71) URL Encoding (CAPEC-ID 72) User-Controlled Filename (CAPEC-ID 73) Using Escaped Slashes in Alternate Encoding (CAPEC-ID 78) Using Slashes in Alternate Encoding (CAPEC-ID 79) Buffer Overflow in an API Call (CAPEC-ID 8) Using UTF-8 Encoding to Bypass Validation Logic (CAPEC-ID 80) Web Logs Tampering (CAPEC-ID 81) XPath Injection (CAPEC-ID 83) AJAX Fingerprinting (CAPEC-ID 85) Embedding Script (XSS) in HTTP Headers (CAPEC-ID 86) OS Command Injection (CAPEC-ID 88) Buffer Overflow in Local Command-Line Utilities (CAPEC-ID 9) XSS in IMG Tags (CAPEC-ID 91) XML Parser Attack (CAPEC-ID 99)