Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 484648 (CVE-2013-4338) - <www-apps/wordpress-3.6.1 : multiple vulnerabilities (CVE-2013-{4338,4339,4340})
Summary: <www-apps/wordpress-3.6.1 : multiple vulnerabilities (CVE-2013-{4338,4339,4340})
Alias: CVE-2013-4338
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial (vote)
Assignee: Gentoo Security
Whiteboard: ~4 [noglsa]
Depends on:
Reported: 2013-09-12 05:13 UTC by Agostino Sarubbo
Modified: 2014-01-11 22:52 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2013-09-12 05:13:49 UTC
From ${URL} :

Three issues fixed in WordPress 3.6.1:

 * Unsafe PHP unserialization. CWE-502.

 * Open Redirect / Insufficient Input Validation. CWE-601. and

 * Privilege Escalation: a user with an Author role, using a specially
crafted request, was able to create a post that was marked as "written by"
another user.

@maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not.
Comment 1 Agostino Sarubbo gentoo-dev 2013-09-12 05:59:20 UTC
bump done, closing as noglsa.
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2013-09-12 22:48:07 UTC
CVE-2013-4340 (
  wp-admin/includes/post.php in WordPress before 3.6.1 allows remote
  authenticated users to spoof the authorship of a post by leveraging the
  Author role and providing a modified user_ID parameter.

CVE-2013-4339 (
  WordPress before 3.6.1 does not properly validate URLs before use in an HTTP
  redirect, which allows remote attackers to bypass intended redirection
  restrictions via a crafted string.

CVE-2013-4338 (
  wp-includes/functions.php in WordPress before 3.6.1 does not properly
  determine whether data has been serialized, which allows remote attackers to
  execute arbitrary code by triggering erroneous PHP unserialize operations.
Comment 3 Chris Reffett (RETIRED) gentoo-dev Security 2013-09-12 22:49:39 UTC
Needs more cleanup.
Comment 4 Yury German Gentoo Infrastructure gentoo-dev 2013-12-30 05:21:31 UTC

Maintainer(s), please drop the vulnerable version.
Comment 5 Chris Reffett (RETIRED) gentoo-dev Security 2014-01-11 22:52:14 UTC
Maintainer timeout. Cleaned up.