Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2006-5098

lib/exec/fetch.php in DokuWiki before 2006-03-09e allows remote attackers to cause a denial of service (CPU consumption) via large w and h parameters, when resizing an image.

Related bugs and status

CVE-2006-5098 (Candidate) is related to these bugs:

Bug #45887: Security update needed for all versions prior to 2006 March 9th

		In	Importance	Status
45887	Security update needed for all versions prior to 2006 March 9th	dokuwiki (Ubuntu)	Medium	Fix Released
45887	Security update needed for all versions prior to 2006 March 9th	dokuwiki (Ubuntu Breezy)	Medium	Invalid
45887	Security update needed for all versions prior to 2006 March 9th	dokuwiki (Ubuntu Dapper)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

GENTOO: GLSA-200609-20
SECUNIA: 22192
SECUNIA: 22199
VUPEN: ADV-2006-3851
CONFIRM: http://bugs.splitbrain...