search menu icon-carat-right cmu-wordmark

CERT Coordination Center

MediaWiki fails to properly verify input passed to the user language option

Vulnerability Note VU#392156

Original Release Date: 2005-12-07 | Last Revised: 2005-12-07

Overview

A vulnerability in some versions of MediaWiki may allow a remote attacker to execute code on a vulnerable wiki server.

Description

MediaWiki is a PHP-based software package that is used to run a wiki, a collaborative website that can be edited by any user or visitor. Some versions of the MediaWiki software contain an error in the validation of the user language option. This error results in a vulnerability since this parameter is supplied by a remote user and is used in forming a class name dynamically created with the PHP eval() function.

Impact

A remote attacker may be able to execute PHP code of their choosing on a vulnerable server. The attacker-supplied code would be executed in the context of the web server

Solution

Upgrade

Version 1.5.3 of the MediaWiki software contains a fix for this issue. Users of older 1.5.x versions of the software are encouraged to upgrade to this fixed version. Versions 1.4 and earlier of the software are reportedly not affected by this issue.

Vendor Information

No information available at this time.


CVSS Metrics

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A

References

Acknowledgements

Thanks to the MediaWiki project for reporting this vulnerability.

This document was written by Chad R Dougherty based on information provided by the MediaWiki project.

Other Information

CVE IDs: None
Severity Metric: 16.88
Date Public: 2005-12-05
Date First Published: 2005-12-07
Date Last Updated: 2005-12-07 20:46 UTC
Document Revision: 9

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.