
[SECURITY] [DLA 1151-1] wordpress security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : wordpress
Version        : 3.6.1+dfsg-1~deb7u17
CVE ID         : CVE-2016-9263  CVE-2017-14718 CVE-2017-14719
                 CVE-2017-14720 CVE-2017-14721 CVE-2017-14722
                 CVE-2017-14723 CVE-2017-14725 CVE-2017-14990
Debian Bug     : 876274 877629

Several vulnerabilities were discovered in wordpress, a web blogging
tool. The Common Vulnerabilities and Exposures project identifies the
following issues.

CVE-2016-9263
    WordPress, when domain-based flashmediaelement.swf sandboxing is not
    used, allowed remote attackers to conduct cross-domain Flash
    injection (XSF) attacks by leveraging code contained within the
    wp-includes/js/mediaelement/flashmediaelement.swf file.

    This issue was resolved by completely removing
    flashmediaelement.swf.

CVE-2017-14718
    WordPress was susceptible to a cross-site scripting attack in the
    link modal via a javascript: or data: URL.

CVE-2017-14719
    WordPress was vulnerable to a directory traversal attack during
    unzip operations in the ZipArchive and PclZip components.

CVE-2017-14720
    WordPress allowed a cross-site scripting attack in the template list
    view via a crafted template name.

CVE-2017-14721
    WordPress allowed cross-site scripting in the plugin editor via a
    crafted plugin name.

CVE-2017-14722
    WordPress allowed a directory traversal attack in the Customizer
    component via a crafted theme filename.

CVE-2017-14723
    WordPress mishandled % characters and additional placeholder values
    in $wpdb->prepare(), and so did not properly address the possibility
    of plugins and themes enabling SQL injection attacks by passing
    untrusted data into the query string rather than as arguments.
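
    The following is an added example, not code from WordPress or from this
    advisory. stand_in_prepare() is a cut-down re-creation of the argument
    handling in the pre-fix $wpdb->prepare() (re-quote %s, escape every
    argument, hand the whole query to vsprintf()); addslashes() stands in
    for the database driver's escaper so the script runs without MySQL.
    The table and column names and the two inputs are constructed.

```php
<?php
/*
 * Added example; this is not WordPress code. The point it demonstrates:
 * escaping is applied to the ARGUMENTS, vsprintf() parses the FORMAT
 * STRING, and '%' is not an SQL metacharacter, so any untrusted text that
 * a plugin splices into the query before calling prepare() reaches
 * vsprintf() with its '%' directives intact.
 */
function stand_in_prepare($query, ...$args) {
    $query = str_replace("'%s'", '%s', $query);          // tolerate pre-quoted %s
    $query = str_replace('"%s"', '%s', $query);
    $query = preg_replace('|(?<!%)%s|', "'%s'", $query); // quote string placeholders
    $args  = array_map('addslashes', $args);            // arguments are escaped...
    return vsprintf($query, $args);                      // ...the format string is not
}

/* Constructed inputs: $untrusted_key stands for a request parameter. It is
 * a sprintf positional directive, not a quote or keyword, so quote-escaping
 * has nothing to act on. */
$untrusted_key = '%1$s';
$value         = "it's";

/* Unsafe pattern: the plugin escapes the key, splices it into the query
 * text, and calls prepare() only for the remaining value. */
function unsafe_lookup($untrusted_key, $value) {
    return stand_in_prepare(
        "SELECT post_id FROM wp_postmeta WHERE meta_key = '"
            . addslashes($untrusted_key) . "' AND meta_value = %s",
        $value
    );
}

/* Safe pattern: every untrusted value travels as an argument, so vsprintf()
 * never sees it as format text and it lands in the SQL as an inert literal. */
function safe_lookup($untrusted_key, $value) {
    return stand_in_prepare(
        "SELECT post_id FROM wp_postmeta WHERE meta_key = %s AND meta_value = %s",
        $untrusted_key,
        $value
    );
}

echo "unsafe: ", unsafe_lookup($untrusted_key, $value), "\n";
echo "safe:   ", safe_lookup($untrusted_key, $value), "\n";
```

    In the unsafe run vsprintf() honours the attacker's %1$s, so the
    meta_key comparison silently becomes a copy of the escaped $value: the
    request, not the developer, decided which argument lands where, and
    the same channel accepts any other directive vsprintf() understands.
    In the safe run the key appears in the SQL as the literal string
    '%1$s'. Upstream's fix (WordPress 4.8.3) rewrote prepare() to escape
    stray % characters and to hide literal % in its output behind a random
    per-request token (wpdb::placeholder_escape()) so that a prepared
    query survives being passed through prepare() again; the rule for
    plugin and theme code is unchanged, which is that untrusted data goes
    in the argument list and never in the query string.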

CVE-2017-14725
    WordPress was susceptible to an open redirect attack in
    wp-admin/user-edit.php.

CVE-2017-14990
    WordPress stores cleartext wp_signups.activation_key values (but
    stores the analogous wp_users.user_activation_key values as hashes),
    which might make it easier for remote attackers to hijack
    unactivated user accounts by leveraging database read access
    (such as access gained through an unspecified SQL injection
    vulnerability).

For Debian 7 "Wheezy", these problems have been fixed in version
3.6.1+dfsg-1~deb7u17.

We recommend that you upgrade your wordpress packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----

