MediaWiki Unspecified Clickjacking Vulnerability
BID:69137
Info
MediaWiki Unspecified Clickjacking Vulnerability
| Bugtraq ID: | 69137 |
| Class: | Design Error |
| CVE: |
CVE-2014-5243 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 30 2014 12:00AM |
| Updated: | Apr 13 2015 09:23PM |
| Credit: | Kevin Israel |
| Vulnerable: |
MediaWiki Mediawiki 1.23.1 MediaWiki Mediawiki 1.22.8 MediaWiki Mediawiki 1.19.17 Mandriva Business Server 1 X86 64 Mandriva Business Server 1 Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 |
| Not Vulnerable: |
MediaWiki Mediawiki 1.23.2 MediaWiki Mediawiki 1.22.9 MediaWiki Mediawiki 1.19.18 |
Exploit / POC
MediaWiki Unspecified Clickjacking Vulnerability
An attacker can exploit this issue by enticing an unsuspecting user to visit a crafted webpage.
An attacker can exploit this issue by enticing an unsuspecting user to visit a crafted webpage.
Solution / Fix
MediaWiki Unspecified Clickjacking Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Mandriva Business Server 1 X86 64
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Mandriva Business Server 1 X86 64
-
Mandriva mediawiki-1.23.2-1.mbs1.noarch.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva mediawiki-mysql-1.23.2-1.mbs1.noarch.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva mediawiki-pgsql-1.23.2-1.mbs1.noarch.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva mediawiki-sqlite-1.23.2-1.mbs1.noarch.rpm
http://www.mandriva.com/en/downloads/