SB2014012105 - Multiple vulnerabilities in WordPress

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Cross-site scripting (CVE-ID: CVE-2012-6633)

Vulnerability allows a remote attacker to perform XSS attacks.

The vulnerability is caused by an input validation error in wp-includes/default-filters.php in WordPress before 3.3.3. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2012-6634)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

wp-admin/media-upload.php in WordPress before 3.3.3 allows remote attackers to obtain sensitive information or bypass intended media-attachment restrictions via a post_id value.

3) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2012-6635)

The vulnerability allows a remote #AU# to gain access to sensitive information.

wp-admin/includes/class-wp-posts-list-table.php in WordPress before 3.3.3 does not properly restrict excerpt-view access, which allows remote authenticated users to obtain sensitive information by visiting a draft.

Remediation

Install update from vendor's website.

References

• http://codex.wordpress.org/Version_3.3.3
• https://core.trac.wordpress.org/changeset/21083
• https://core.trac.wordpress.org/changeset/21087
• https://core.trac.wordpress.org/changeset/21086