[Bug 716641] Re: CVE-2010-4257: SQL Injection from trackback functions
Mahyuddin Susanto
mahyuddin.susanto at gmail.com
Sun Feb 13 15:03:42 UTC 2011
** Patch added: "wordpress_maverick-security.debdiff"
https://bugs.launchpad.net/ubuntu/+source/wordpress/+bug/716641/+attachment/1847351/+files/wordpress_maverick-security.debdiff
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is a direct subscriber.
https://bugs.launchpad.net/bugs/716641
Title:
CVE-2010-4257: SQL Injection from trackback functions
Status in “wordpress” package in Ubuntu:
Fix Released
Status in “wordpress” source package in Lucid:
New
Status in “wordpress” source package in Maverick:
New
Status in “wordpress” source package in Natty:
Fix Released
Status in “wordpress” package in Debian:
Unknown
Status in “wordpress” package in Fedora:
Unknown
Bug description:
Binary package hint: wordpress
SQL injection vulnerability in the do_trackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote
authenticated users to execute arbitrary SQL commands via the Send Trackbacks field.
More information about the Ubuntu-sponsors
mailing list