Algorithmic complexity vulnerability in wp-trackback.php in WordPress before 2.8.5 allows remote attackers to cause a denial of service (CPU consumption and server hang) via a long title parameter in conjunction with a charset parameter composed of many comma-separated UTF-8 substrings, related to the mb_convert_encoding function in PHP.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Wordpress | Wordpress | * | 2.8.4 (including) |
Wordpress | Ubuntu | dapper | * |
Wordpress | Ubuntu | hardy | * |
Wordpress | Ubuntu | intrepid | * |
Wordpress | Ubuntu | jaunty | * |
Wordpress | Ubuntu | karmic | * |
Wordpress | Ubuntu | upstream | * |