Description

MediaWiki 1.24.x before 1.24.2, when using PBKDF2 for password hashing, allows remote attackers to cause a denial of service (CPU consumption) via a long password.

Remediation

References

CVE-2015-2936

Related Vulnerabilities

WordPress Plugin WooCommerce Quick Reports Cross-Site Scripting (1.0.6)

WordPress Plugin WP Font Awesome Cross-Site Scripting (1.7.8)

Python Integer Overflow or Wraparound Vulnerability (CVE-2010-1449)

Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5022)

Internet Information Services Other Vulnerability (CVE-2001-1186)

Severity

High

Classification

CVE-2015-2936

Tags

Missing Update Known Vulnerabilities