Launchpad CVE tracker

CVE 2008-5252

Cross-site request forgery (CSRF) vulnerability in the Special:Import feature in MediaWiki 1.3.0 through 1.6.10, 1.12.x before 1.12.2, and 1.13.x before 1.13.3 allows remote attackers to perform unspecified actions as authenticated users via unknown vectors.

Related bugs and status

CVE-2008-5252 (Candidate) is related to these bugs:

Bug #323842: Multiple security problems found: [CVE-2008-5249] [CVE-2008-5250] [CVE-2008-5252]

		In	Importance	Status
323842	Multiple security problems found: [CVE-2008-5249] [CVE-2008-5250] [CVE-2008-5252]	mediawiki (Ubuntu)	Undecided	Invalid
323842	Multiple security problems found: [CVE-2008-5249] [CVE-2008-5250] [CVE-2008-5252]	mediawiki (Ubuntu Dapper)	Undecided	Won't Fix
323842	Multiple security problems found: [CVE-2008-5249] [CVE-2008-5250] [CVE-2008-5252]	mediawiki (Ubuntu Gutsy)	Undecided	Won't Fix
323842	Multiple security problems found: [CVE-2008-5249] [CVE-2008-5250] [CVE-2008-5252]	mediawiki (Ubuntu Intrepid)	Undecided	Fix Released
323842	Multiple security problems found: [CVE-2008-5249] [CVE-2008-5250] [CVE-2008-5252]	mediawiki (Ubuntu Hardy)	Undecided	Fix Released
323842	Multiple security problems found: [CVE-2008-5249] [CVE-2008-5250] [CVE-2008-5252]	mediawiki (Ubuntu Jaunty)	Undecided	Invalid

See the

CVE page on Mitre.org for more details.

References

MLIST: [mediawiki-announce] 2...
SECUNIA: 33133
FEDORA: FEDORA-2008-11688
FEDORA: FEDORA-2008-11802
SECUNIA: 33349
SUSE: SUSE-SR:2009:004
DEBIAN: DSA-1901

Launchpad.net

CVE 2008-5252

Related bugs and status

Related bugs

References