Description
Algorithmic complexity vulnerability in wp-trackback.php in WordPress before 2.8.5 allows remote attackers to cause a denial of service (CPU consumption and server hang) via a long title parameter in conjunction with a charset parameter composed of many comma-separated "UTF-8" substrings, related to the mb_convert_encoding function in PHP.
Remediation
References
Related Vulnerabilities
Apache Tomcat Resource Management Errors Vulnerability (CVE-2014-0230)
WordPress Plugin Enable Media Replace SQL Injection and Arbitrary File Upload Vulnerabilities (2.3)
Joomla Other Vulnerability (CVE-2006-4474)
WordPress Plugin Magic Fields 2 Cross-Site Scripting (2.3.2.4)
WordPress Plugin WP-Filebase Download Manager Cross-Site Scripting (3.1.02)