CVE-2009-3622

NONECVSS 0.0

0.0

Algorithmic complexity vulnerability in wp-trackback.php in WordPress before 2.8.5 allows remote attackers to cause a denial of service (CPU consumption and server hang) via a long title parameter in conjunction with a charset parameter composed of many comma-separated "UTF-8" substrings, related to the mb_convert_encoding function in PHP.

🔗 References (26)

secalert@redhathttp://codes.zerial.org/php/wp-trackbacks_dos.phps
secalert@redhathttp://marc.info/?l=oss-security&m=125612393329041&w=2
secalert@redhathttp://marc.info/?l=oss-security&m=125614592004825&w=2
secalert@redhathttp://rooibo.wordpress.com/2009/10/17/agujero-de-seguridad-en-wordpress/
secalert@redhathttp://seclists.org/fulldisclosure/2009/Oct/263
secalert@redhathttp://secunia.com/advisories/37088
secalert@redhathttp://security-sh3ll.blogspot.com/2009/10/wordpress-resource-exhaustion-denial-of.html
secalert@redhathttp://securitytracker.com/id?1023072
secalert@redhathttp://wordpress.org/development/2009/10/wordpress-2-8-5-hardening-release/
secalert@redhathttp://www.osvdb.org/59077
secalert@redhathttp://www.vupen.com/english/advisories/2009/2986
secalert@redhathttps://bugzilla.redhat.com/show_bug.cgi?id=530056
secalert@redhathttps://exchange.xforce.ibmcloud.com/vulnerabilities/53884
af854a3a-2127-422b-91ae-364da2661108http://codes.zerial.org/php/wp-trackbacks_dos.phps
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=oss-security&m=125612393329041&w=2

Is Your Infrastructure Affected by CVE-2009-3622?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-3622

📅 Published

🔄 Last Modified

🔗 References (26)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-3622?