CVE

Id
76335  
CVE No.
CVE-2014-9034  
Status
Candidate  
Description
wp-includes/class-phpass.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to cause a denial of service (CPU consumption) via a long password that is improperly handled during hashing, a similar issue to CVE-2014-9016.  
Phase
Assigned (20141120)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
703506 76335 CVE-2014-9034 MLIST:[oss-security] 20141125 Re: WordPress 4.0.1 Security Release  View
703507 76335 CVE-2014-9034 URL:http://openwall.com/lists/oss-security/2014/11/25/12  View
703508 76335 CVE-2014-9034 CONFIRM:http://core.trac.wordpress.org/changeset/30467  View
703509 76335 CVE-2014-9034 CONFIRM:https://wordpress.org/news/2014/11/wordpress-4-0-1/  View
703510 76335 CVE-2014-9034 CONFIRM:http://advisories.mageia.org/MGASA-2014-0493.html  View
703511 76335 CVE-2014-9034 DEBIAN:DSA-3085  View
703512 76335 CVE-2014-9034 URL:http://www.debian.org/security/2014/dsa-3085  View
703513 76335 CVE-2014-9034 MANDRIVA:MDVSA-2014:233  View
703514 76335 CVE-2014-9034 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2014:233  View
703515 76335 CVE-2014-9034 SECTRACK:1031243  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
18970 JVNDB-2014-007845 ownCloud のブックマークアプリケーションのインポート機能におけるクロスサイトスクリプティングの脆弱性 ownCloud のブックマークアプリケーションのインポート機能には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2014-9042 76335 3.5 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-007845.html  View