Vulnerability Description
Directory traversal vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to delete arbitrary files or determine file existence via a parameter related to image deletion.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mediawiki | Mediawiki | 1.3.0 |
References
- http://secunia.com/advisories/14360PatchVendor Advisory
- http://securitytracker.com/id?1013260PatchVendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=307067Patch
- http://www.gentoo.org/security/en/glsa/glsa-200502-33.xmlPatchVendor Advisory
- http://secunia.com/advisories/14360PatchVendor Advisory
- http://securitytracker.com/id?1013260PatchVendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=307067Patch
- http://www.gentoo.org/security/en/glsa/glsa-200502-33.xmlPatchVendor Advisory
FAQ
What is CVE-2005-0536?
CVE-2005-0536 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Directory traversal vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to delete arbitrary files or determine file existence via a parameter related to ...
How severe is CVE-2005-0536?
CVE-2005-0536 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-0536?
Check the references section above for vendor advisories and patch information. Affected products include: Mediawiki Mediawiki.