CVE

Id
64285  
CVE No.
CVE-2013-4338  
Status
Candidate  
Description
wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations.  
Phase
Assigned (20130612)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
634085 64285 CVE-2013-4338 CONFIRM:http://codex.wordpress.org/Version_3.6.1  View
634086 64285 CVE-2013-4338 CONFIRM:http://core.trac.wordpress.org/changeset/25325  View
634087 64285 CVE-2013-4338 CONFIRM:http://wordpress.org/news/2013/09/wordpress-3-6-1/  View
634088 64285 CVE-2013-4338 DEBIAN:DSA-2757  View
634089 64285 CVE-2013-4338 URL:http://www.debian.org/security/2013/dsa-2757  View
634090 64285 CVE-2013-4338 FEDORA:FEDORA-2013-16855  View
634091 64285 CVE-2013-4338 URL:http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116828.html  View
634092 64285 CVE-2013-4338 FEDORA:FEDORA-2013-16895  View
634093 64285 CVE-2013-4338 URL:http://lists.fedoraproject.org/pipermail/package-announce/2013-September/117118.html  View
634094 64285 CVE-2013-4338 FEDORA:FEDORA-2013-16925  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
22749 JVNDB-2013-004324 Linux Kernel の drivers/net/tun.c における権限を取得される脆弱性 Linux Kernel の drivers/net/tun.c には、解放済みメモリの使用 (Use-after-free) により、権限を取得される脆弱性が存在します。 CVE-2013-4343 64285 6.9 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-004324.html  View