CVE-2011-3129

{"id": "CVE-2011-3129", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-08-10T21:55:02.313", "references": [{"url": "http://secunia.com/advisories/49138", "source": "cve@mitre.org"}, {"url": "http://wordpress.org/news/2011/05/wordpress-3-1-3/", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2012/dsa-2470", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/47995", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/49138", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://wordpress.org/news/2011/05/wordpress-3-1-3/", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2012/dsa-2470", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/47995", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "The file upload functionality in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2, when running \"on hosts with dangerous security settings,\" has unknown impact and attack vectors, possibly related to dangerous filenames."}, {"lang": "es", "value": "La funcionalidad de subida de archivo en WordPress 3.1 en versiones anteriores a 3.1.3 y 3.2 en versiones anteriores a Beta 2, cuando se ejecuta \"en hosts con ajustes de seguridad peligrosos\", tiene un impacto y vectores de ataque desconocidos, posiblemente relacionado con nombres de archivos peligrosos."}], "lastModified": "2024-11-21T01:29:47.967", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wordpress:wordpress:3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88D1E83C-39AC-4E3D-874A-AF0F16ADDE41"}, {"criteria": "cpe:2.3:a:wordpress:wordpress:3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65FD149E-8CF4-46FE-9F5E-9DEE61B4164C"}, {"criteria": "cpe:2.3:a:wordpress:wordpress:3.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D23F1397-7262-4B61-8061-83C2ED731DB8"}, {"criteria": "cpe:2.3:a:wordpress:wordpress:3.2:beta1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8169A02-1AB3-4104-BA42-A934CA94B343"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}