ID CVE-2007-0107
Summary WordPress before 2.0.6, when mbstring is enabled for PHP, decodes alternate character sets after escaping the SQL query, which allows remote attackers to bypass SQL injection protection schemes and execute arbitrary SQL commands via multibyte charsets, as demonstrated using UTF-7. Successful exploitation requires that the "mbstring" extension be enabled. This vulnerability is addressed in the following product release: WordPress, WordPress, 2.0.6
References
Vulnerable Configurations
  • cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:0.71:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:0.71:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:0.71:-:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:0.71:-:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:0.71:beta:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:0.71:beta:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:0.71:beta3:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:0.71:beta3:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:0.72:beta1:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:0.72:beta1:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:0.72:beta2:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:0.72:beta2:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:0.72:rc1:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:0.72:rc1:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:0.711:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:0.711:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.0:-:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.0:-:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.0.1:-:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.0.1:-:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.0.1:rc1:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.0.1:rc1:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.2:-:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.2:-:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.2:beta:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.2:beta:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.2:rc1:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.2:rc1:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.2:rc2:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.2:rc2:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.2.5:a:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.2.5:a:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.5.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.5.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.5.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.5.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:1.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:1.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:2.0:-:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:2.0:-:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:2.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:2.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:2.0.1:-:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:2.0.1:-:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:2.0.1:rc1:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:2.0.1:rc1:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:2.0.3:-:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:2.0.3:-:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:2.0.5:-:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:2.0.5:-:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:2.0.5:beta1:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:2.0.5:beta1:*:*:*:*:*:*
  • cpe:2.3:a:wordpress:wordpress:2.0.5:rc1:*:*:*:*:*:*
    cpe:2.3:a:wordpress:wordpress:2.0.5:rc1:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 16-10-2018 - 16:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
bid 21907
bugtraq 20070105 Advisory 02/2007: WordPress Trackback Charset Decoding SQL Injection Vulnerability
confirm http://wordpress.org/development/2007/01/wordpress-206/
gentoo GLSA-200701-10
misc http://www.hardened-php.net/advisory_022007.141.html
openpkg OpenPKG-SA-2007.005
osvdb 31579
secunia
  • 23595
  • 23741
sreason 2112
vupen ADV-2007-0061
xf wordpress-mbstring-security-bypass(31297)
Last major update 16-10-2018 - 16:31
Published 09-01-2007 - 00:28
Last modified 16-10-2018 - 16:31
Back to Top