Bug 412855 (CVE-2012-2399) - <www-apps/wordpress-3.3.2 Multiple vulnerabilities (CVE-2012-{2399,2400,2401,2402,2403,2404})
Summary: <www-apps/wordpress-3.3.2 Multiple vulnerabilities (CVE-2012-{2399,2400,2401,...
Status: RESOLVED FIXED
Alias: CVE-2012-2399
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All All
Importance: Normal trivial
Assignee: Gentoo Security
URL: https://wordpress.org/news/2012/04/wo...
Whiteboard: ~4 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2012-04-21 04:33 UTC by Laurent Bachelier
Modified: 2012-05-01 15:47 UTC
CC List: 2 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Description Laurent Bachelier 2012-04-21 04:33:09 UTC
It has some security fixes:
    Limited privilege escalation where a site administrator could deactivate network-wide plugins when running a WordPress network under particular circumstances, disclosed by Jon Cave of our WordPress core security team, and Adam Backstrom.
    Cross-site scripting vulnerability when making URLs clickable, by Jon Cave.
    Cross-site scripting vulnerabilities in redirects after posting comments in older browsers, and when filtering URLs. Thanks to Mauro Gentile for responsibly disclosing these issues to the security team.

Reproducible: Always
Comment 1 Jouni Rinne 2012-04-24 18:14:11 UTC
+1
Comment 2 grischa 2012-04-26 11:58:02 UTC
+1
Comment 3 Alex Legler (RETIRED) archtester gentoo-dev Security 2012-04-26 13:21:13 UTC
This is a bugtracker, not Google+.
If you must, use that vote feature, but don't spam. Thanks.
Comment 4 Theo Chatzimichos (RETIRED) archtester gentoo-dev Security 2012-04-26 13:25:34 UTC
And for the record, I will take care of it today after work.
Comment 5 Tim Harder gentoo-dev 2012-04-26 19:12:47 UTC
3.3.2 added to CVS.
Comment 6 Sean Amoss (RETIRED) gentoo-dev Security 2012-04-28 00:10:14 UTC
(In reply to comment #5)
> 3.3.2 added to CVS.

Thanks, Tim. Please update when 3.3.1 is cleaned out and we will get this closed.
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2012-04-28 00:13:08 UTC
CVE-2012-2404 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2404):
  wp-comments-post.php in WordPress before 3.3.2 supports offsite redirects,
  which makes it easier for remote attackers to conduct cross-site scripting
  (XSS) attacks via unspecified vectors.

CVE-2012-2403 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2403):
  wp-includes/formatting.php in WordPress before 3.3.2 attempts to enable
  clickable links inside attributes, which makes it easier for remote
  attackers to conduct cross-site scripting (XSS) attacks via unspecified
  vectors.

CVE-2012-2402 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2402):
  wp-admin/plugins.php in WordPress before 3.3.2 allows remote authenticated
  site administrators to bypass intended access restrictions and deactivate
  network-wide plugins via unspecified vectors.

CVE-2012-2401 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2401):
  Plupload before 1.5.4, as used in wp-includes/js/plupload/ in WordPress
  before 3.3.2 and other products, enables scripting regardless of the domain
  from which the SWF content was loaded, which allows remote attackers to
  bypass the Same Origin Policy via crafted content.

CVE-2012-2400 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2400):
  Unspecified vulnerability in wp-includes/js/swfobject.js in WordPress before
  3.3.2 has unknown impact and attack vectors.

CVE-2012-2399 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2399):
  Unspecified vulnerability in wp-includes/js/swfupload/swfupload.swf in
  WordPress before 3.3.2 has unknown impact and attack vectors.
Comment 8 Tim Harder gentoo-dev 2012-05-01 14:54:49 UTC
(In reply to comment #6)
> Thanks, Tim. Please update when 3.3.1 is cleaned out and we will get this
> closed.

3.3.1 has now been removed from the tree.
Comment 9 Tim Sammut (RETIRED) gentoo-dev 2012-05-01 15:47:47 UTC
(In reply to comment #8)
> 
> 3.3.1 has now been removed from the tree.

Thanks, Tim. Closing noglsa.