fkie_cve-2014-5241
Vulnerability from fkie_nvd
Published
2014-08-22 17:55
Modified
2024-11-21 02:11
Severity ?
Summary
The JSONP endpoint in includes/api/ApiFormatJson.php in MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and 1.23.x before 1.23.2 accepts certain long callback values and does not restrict the initial bytes of a JSONP response, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks, and obtain sensitive information, via a crafted OBJECT element with SWF content consistent with a restricted character set.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*", matchCriteriaId: "426C179F-C8DE-4894-83A6-24BA3DB39183", versionEndIncluding: "1.19.17", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.19:*:*:*:*:*:*:*", matchCriteriaId: "93D7105D-3CF1-49FF-9F51-088C58F19003", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.19:beta_1:*:*:*:*:*:*", matchCriteriaId: "F647077F-52FD-460B-9511-85812A1447FD", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.19:beta_2:*:*:*:*:*:*", matchCriteriaId: "BB5A8AFF-EF0E-490C-8833-FF1071563979", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.19.0:*:*:*:*:*:*:*", matchCriteriaId: "A7C29D44-2964-483F-B672-27B5CE471DA6", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.19.1:*:*:*:*:*:*:*", matchCriteriaId: "172FEFE5-9900-49D0-9E14-2FA4A7912D23", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.19.2:*:*:*:*:*:*:*", matchCriteriaId: "CA3205F5-3A29-4D45-AC95-83174F8969BB", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.19.3:*:*:*:*:*:*:*", matchCriteriaId: "5547DA02-3BEC-4278-A714-25CCB820AA79", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.19.4:*:*:*:*:*:*:*", matchCriteriaId: "A3E5609D-EC04-4088-9B61-ABDD256200F7", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.19.5:*:*:*:*:*:*:*", matchCriteriaId: "B23B09BB-8F43-4D60-A37F-D8685584AF4B", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.19.6:*:*:*:*:*:*:*", matchCriteriaId: "9A8A3F38-9A86-4346-9337-5C2A1DED37C0", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.19.7:*:*:*:*:*:*:*", matchCriteriaId: "49CCC3B5-9BD4-40B4-AF1A-DF4B2A6DC12D", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.19.8:*:*:*:*:*:*:*", matchCriteriaId: "36DA1112-69AB-408A-886E-F248516FDE11", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.19.9:*:*:*:*:*:*:*", matchCriteriaId: "DA85F3B7-9CB4-481C-B1A5-AB95F81C4126", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.19.10:*:*:*:*:*:*:*", matchCriteriaId: "A25C57E2-8E04-4A54-9211-C7B4B7CC4E89", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.19.11:*:*:*:*:*:*:*", matchCriteriaId: "927A7FCC-273B-4387-A9DB-C1DADB40D3FE", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.19.12:*:*:*:*:*:*:*", matchCriteriaId: "37210D17-71E8-4A05-87CE-F27E2F8DDEF2", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.19.13:*:*:*:*:*:*:*", matchCriteriaId: "E77B822C-5536-4843-A509-D5471AC02B87", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.19.14:*:*:*:*:*:*:*", matchCriteriaId: "84198067-1339-4087-9B91-B0AFD45C6F0F", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.19.15:*:*:*:*:*:*:*", matchCriteriaId: "5735AFF4-3E99-4E3C-B452-AB9FF31925FB", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.19.16:*:*:*:*:*:*:*", matchCriteriaId: "32FCA38F-137E-4CD5-B1EB-44D949468938", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.20.1:*:*:*:*:*:*:*", matchCriteriaId: "59319309-D926-4353-8E0C-1FE0CB97E4D5", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.20.2:*:*:*:*:*:*:*", matchCriteriaId: "DA15B197-EC42-49F0-8764-E315CDA7EA03", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.20.3:*:*:*:*:*:*:*", matchCriteriaId: "ECD4CD3D-6022-4F75-A524-5A5247EF23AD", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.20.4:*:*:*:*:*:*:*", matchCriteriaId: "75B95AE3-6FA0-44BD-A78A-F059613B57EC", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.20.5:*:*:*:*:*:*:*", matchCriteriaId: "94646567-FF30-4FBA-96C5-914EB3C85D7F", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.20.6:*:*:*:*:*:*:*", matchCriteriaId: "AF088531-6875-49A2-B220-D7EC38ECC50F", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.20.7:*:*:*:*:*:*:*", matchCriteriaId: "902A7EE8-90AA-4B0D-9142-DFCDA5AC8914", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.20.8:*:*:*:*:*:*:*", matchCriteriaId: "9B6CD057-EBC4-4909-9734-80577AFDED40", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.21.1:*:*:*:*:*:*:*", matchCriteriaId: "3DA12531-818E-4AD7-A3E7-467604775416", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.21.2:*:*:*:*:*:*:*", matchCriteriaId: "1E87AB00-90DD-4548-B23A-42673DDFD1D1", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.21.3:*:*:*:*:*:*:*", matchCriteriaId: "01D8F235-2F1B-4198-A91E-B2723293AA36", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.21.4:*:*:*:*:*:*:*", matchCriteriaId: "D2A5F4A7-40E7-42D0-8482-647D0EC54AC7", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.21.5:*:*:*:*:*:*:*", matchCriteriaId: "E10A8FAC-7506-48B8-A4EE-B7A1BE20537E", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.21.6:*:*:*:*:*:*:*", matchCriteriaId: "1EF797B5-8348-481C-AB6F-154DEA0E5281", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.21.7:*:*:*:*:*:*:*", matchCriteriaId: "6E627F80-E6AA-4627-B58E-D6B2A08269BB", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.21.8:*:*:*:*:*:*:*", matchCriteriaId: "DA54E0F2-3B21-469F-A3FB-8E41E1857447", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.21.9:*:*:*:*:*:*:*", matchCriteriaId: "09CFF4B5-5827-4795-960A-201BA1BCF1A2", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.21.10:*:*:*:*:*:*:*", matchCriteriaId: "AC9D6B62-13CD-4307-94BB-A7210761A4D1", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.22.0:*:*:*:*:*:*:*", matchCriteriaId: "DB117E2F-D4CD-4CED-BCEF-3C821A431F6A", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.22.1:*:*:*:*:*:*:*", matchCriteriaId: "B461B44C-37D2-480B-9645-B7E8720416C3", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.22.2:*:*:*:*:*:*:*", matchCriteriaId: "E491E3AD-0FB2-41CD-B852-CAFCA397A45A", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.22.3:*:*:*:*:*:*:*", matchCriteriaId: "CBD50108-A301-4B5B-9047-6FD6792442B1", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.22.4:*:*:*:*:*:*:*", matchCriteriaId: "91BBFEC5-A933-4178-919D-9AC87CF76D21", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.22.5:*:*:*:*:*:*:*", matchCriteriaId: "BD3CA0EC-1AC1-48A1-8BB8-95DCCE1C283A", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.22.6:*:*:*:*:*:*:*", matchCriteriaId: "9343410C-E076-4362-8094-5BA5582E9675", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.22.7:*:*:*:*:*:*:*", matchCriteriaId: "F96BBB28-AB3C-4082-B035-8CCB761C2530", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.22.8:*:*:*:*:*:*:*", matchCriteriaId: "7389C3B9-B32D-46CC-8615-22CF7BDCD829", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.23.0:*:*:*:*:*:*:*", matchCriteriaId: "6044842D-0C23-4683-9BCC-9FE40AE8353F", vulnerable: true, }, { criteria: "cpe:2.3:a:mediawiki:mediawiki:1.23.1:*:*:*:*:*:*:*", matchCriteriaId: "2BFCBB5A-F5F8-400E-916A-EB87F84853D9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The JSONP endpoint in includes/api/ApiFormatJson.php in MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and 1.23.x before 1.23.2 accepts certain long callback values and does not restrict the initial bytes of a JSONP response, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks, and obtain sensitive information, via a crafted OBJECT element with SWF content consistent with a restricted character set.", }, { lang: "es", value: "El endpoint JSONP en includes/api/ApiFormatJson.php en MediaWiki anterior a 1.19.18, 1.20.x hasta 1.22.x anterior a 1.22.9, y 1.23.x anterior a 1.23.2 acepta ciertos valores largos de devolución de llamada y no restringe los bytes iniciales de una respuesta JSONP, lo que permite a atacantes remotos realizar ataques de CSRF, y obtener información sensible, a través de un elemento OBJECT manipulado con contenido SWF consistente con un juego de caracteres restringido.", }, ], id: "CVE-2014-5241", lastModified: "2024-11-21T02:11:40.820", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2014-08-22T17:55:02.813", references: [ { source: "cve@mitre.org", url: "http://advisories.mageia.org/MGASA-2014-0309.html", }, { source: "cve@mitre.org", url: "http://openwall.com/lists/oss-security/2014/08/14/5", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/59738", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2014/dsa-3011", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:153", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "https://bugzilla.wikimedia.org/show_bug.cgi?id=68187", }, { source: "cve@mitre.org", url: "https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-July/000157.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://advisories.mageia.org/MGASA-2014-0309.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://openwall.com/lists/oss-security/2014/08/14/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/59738", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2014/dsa-3011", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:153", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "https://bugzilla.wikimedia.org/show_bug.cgi?id=68187", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-July/000157.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-352", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.