NVD

Id
4897  
Name
CVE-2008-5113  
Description
WordPress 2.6.3 relies on the REQUEST superglobal array in certain dangerous situations, which makes it easier for remote attackers to conduct delayed and persistent cross-site request forgery (CSRF) attacks via crafted cookies, as demonstrated by attacks that (1) delete user accounts or (2) cause a denial of service (loss of application access). NOTE: this issue relies on the presence of an independent vulnerability that allows cookie injection.  
Reject
 
CVSS Version
2  
CVSS Score
4  
Severity
Medium  
CVSS Base Score
4  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
4.9  
CVSS Vector
(AV:N/AC:H/Au:N/C:N/I:P/A:P)  
Pub Date
2017-01-03  
Published
2008-11-17  
Modified Date
2012-10-30  
Seq
2008-5113  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
30795 4897 CVE-2008-5113 http://bugs.debian.org/504771  View
30796 4897 CVE-2008-5113 [oss-security] 20081113 CVE request: wordpress can be subject of delayed attacks via cookies  View
30797 4897 CVE-2008-5113 DSA-1871  View
30798 4897 CVE-2008-5113 wordpress-request-weak-security(46698)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
51140 JVNDB-2008-006450 WordPress におけるクロスサイトリクエストフォージェリ (CSRF) 攻撃を実行される脆弱性 WordPress は、特定の危険な状況で REQUEST スーパーグローバル配列に依存するため、時差および永続的にクロスサイトリクエストフォージェリ (CSRF) 攻撃を実行される脆弱性が存在します。 CVE-2008-5113 35226 CVE-2008-5113 4897 4 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-006450.html 2008-11-17 2012-12-20 View