WordPress Wp-trackback.php Denial Of Service Vulnerability Network Vulnerability

Summary

The host is running WordPress and is prone to Denial of Service vulnerability.

Impact

Successful exploitation will allow attacker to cause a Denial of Service due to high CPU consumption. Impact Level: System/Application

Solution

Upgrade to WordPress version 2.8.5 or later. http://wordpress.org/download/

Insight

An error occurs in wp-trackbacks.php due to improper validation of user supplied data passed into 'mb_convert_encoding()' function. This can be exploited by sending multiple-source character encodings into the fuction.

Affected

WordPress version prior to 2.8.5 on all platforms.

References

http://secunia.com/advisories/37088/
http://www.vupen.com/english/advisories/2009/2986
http://xforce.iss.net/xforce/xfdb/53884

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-3622
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Firefox Browser Libxul Memory Leak Remote DoS Vulnerability - Linux
F-Secure Policy Manager Server fsmsh.dll module DoS
ClamAV Remote Denial of Service Vulnerability
Comodo Internet Security Denial of Service Vulnerability-03
ClamAV LZH File Unpacking Denial of Service Vulnerability (Linux)

WordPress wp-trackback.php Denial of Service Vulnerability

Take action and discover your vulnerabilities