Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-2787HistoryApr 27, 2011 - 12:55 a.m.
CVE-2010-2787
2011-04-2700:55:01
Debian Security Bug Tracker
security-tracker.debian.org
17
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS
0.005
Percentile
77.0%
api.php in MediaWiki before 1.15.5 does not prevent use of public caching headers for private data, which allows remote attackers to bypass intended access restrictions and obtain sensitive information by retrieving documents from an HTTP proxy cache that has been used by a victim.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | mediawiki | < 1:1.15.5-1 | mediawiki_1:1.15.5-1_all.deb |
| Debian | 11 | all | mediawiki | < 1:1.15.5-1 | mediawiki_1:1.15.5-1_all.deb |
| Debian | 999 | all | mediawiki | < 1:1.15.5-1 | mediawiki_1:1.15.5-1_all.deb |
| Debian | 13 | all | mediawiki | < 1:1.15.5-1 | mediawiki_1:1.15.5-1_all.deb |
Related
openvas
openvas
MediaWiki 1.8 - 1.15.4 'api.php' Information Disclosure Vulnerability
2010-08-02 00:00:00
Fedora Update for mediawiki FEDORA-2011-5812
2011-05-05 00:00:00
Fedora Update for mediawiki FEDORA-2011-5812
2011-05-05 00:00:00
cvelist
cvelist
CVE-2010-2787
2011-04-27 00:00:00
ubuntucve
ubuntucve
CVE-2010-2787
2011-04-27 00:00:00
nvd
nvd
CVE-2010-2787
2011-04-27 00:55:01
cve
cve
CVE-2010-2787
2011-04-27 00:55:01
prion
prion
Design/Logic Flaw
2011-04-27 00:55:00
fedora
fedora
[SECURITY] Fedora 15 Update: mediawiki-1.16.4-58.fc15
2011-04-26 16:04:53
[SECURITY] Fedora 14 Update: mediawiki-1.16.4-58.fc14
2011-04-30 23:24:28
[SECURITY] Fedora 15 Update: mediawiki-1.16.4-57.fc15
2011-04-21 05:28:33
nessus
nessus
Fedora 15 : mediawiki-1.16.4-57.fc15 (2011-5495)
2011-04-22 00:00:00
Fedora 14 : mediawiki-1.16.4-58.fc14 (2011-5812)
2011-05-02 00:00:00
Fedora 15 : mediawiki-1.16.4-58.fc15 (2011-5848)
2011-04-27 00:00:00
gentoo
gentoo
MediaWiki: Multiple vulnerabilities
2012-06-21 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS
0.005
Percentile
77.0%
Related for DEBIANCVE:CVE-2010-2787