Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFupload 2.2.0.1 and earlier, as used in WordPress before 3.5.2, TinyMCE Image Manager 1.1 and earlier, and other products allows remote attackers to inject arbitrary web script or HTML via the buttonText parameter, a different vulnerability than CVE-2012-3414.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Wordpress | Wordpress | * | 3.3.1 (including) |
| Wordpress | Wordpress | 0.71 (including) | 0.71 (including) |
| Wordpress | Wordpress | 1.0 (including) | 1.0 (including) |
| Wordpress | Wordpress | 1.0.1 (including) | 1.0.1 (including) |
| Wordpress | Wordpress | 1.0.2 (including) | 1.0.2 (including) |
| Wordpress | Wordpress | 1.1.1 (including) | 1.1.1 (including) |
| Wordpress | Wordpress | 1.2 (including) | 1.2 (including) |
| Wordpress | Wordpress | 1.2.1 (including) | 1.2.1 (including) |
| Wordpress | Wordpress | 1.2.2 (including) | 1.2.2 (including) |
| Wordpress | Wordpress | 1.2.3 (including) | 1.2.3 (including) |
| Wordpress | Wordpress | 1.2.4 (including) | 1.2.4 (including) |
| Wordpress | Wordpress | 1.2.5 (including) | 1.2.5 (including) |
| Wordpress | Wordpress | 1.2.5-a (including) | 1.2.5-a (including) |
| Wordpress | Wordpress | 1.3 (including) | 1.3 (including) |
| Wordpress | Wordpress | 1.3.2 (including) | 1.3.2 (including) |
| Wordpress | Wordpress | 1.3.3 (including) | 1.3.3 (including) |
| Wordpress | Wordpress | 1.5 (including) | 1.5 (including) |
| Wordpress | Wordpress | 1.5.1 (including) | 1.5.1 (including) |
| Wordpress | Wordpress | 1.5.1.1 (including) | 1.5.1.1 (including) |
| Wordpress | Wordpress | 1.5.1.2 (including) | 1.5.1.2 (including) |
| Wordpress | Wordpress | 1.5.1.3 (including) | 1.5.1.3 (including) |
| Wordpress | Wordpress | 1.5.2 (including) | 1.5.2 (including) |
| Wordpress | Wordpress | 2.0 (including) | 2.0 (including) |
| Wordpress | Wordpress | 2.0.1 (including) | 2.0.1 (including) |
| Wordpress | Wordpress | 2.0.2 (including) | 2.0.2 (including) |
| Wordpress | Wordpress | 2.0.4 (including) | 2.0.4 (including) |
| Wordpress | Wordpress | 2.0.5 (including) | 2.0.5 (including) |
| Wordpress | Wordpress | 2.0.6 (including) | 2.0.6 (including) |
| Wordpress | Wordpress | 2.0.7 (including) | 2.0.7 (including) |
| Wordpress | Wordpress | 2.0.8 (including) | 2.0.8 (including) |
| Wordpress | Wordpress | 2.0.9 (including) | 2.0.9 (including) |
| Wordpress | Wordpress | 2.0.10 (including) | 2.0.10 (including) |
| Wordpress | Wordpress | 2.0.11 (including) | 2.0.11 (including) |
| Wordpress | Wordpress | 2.1 (including) | 2.1 (including) |
| Wordpress | Wordpress | 2.1.1 (including) | 2.1.1 (including) |
| Wordpress | Wordpress | 2.1.2 (including) | 2.1.2 (including) |
| Wordpress | Wordpress | 2.1.3 (including) | 2.1.3 (including) |
| Wordpress | Wordpress | 2.2 (including) | 2.2 (including) |
| Wordpress | Wordpress | 2.2.1 (including) | 2.2.1 (including) |
| Wordpress | Wordpress | 2.2.2 (including) | 2.2.2 (including) |
| Wordpress | Wordpress | 2.2.3 (including) | 2.2.3 (including) |
| Wordpress | Wordpress | 2.3 (including) | 2.3 (including) |
| Wordpress | Wordpress | 2.3.1 (including) | 2.3.1 (including) |
| Wordpress | Wordpress | 2.3.2 (including) | 2.3.2 (including) |
| Wordpress | Wordpress | 2.3.3 (including) | 2.3.3 (including) |
| Wordpress | Wordpress | 2.5 (including) | 2.5 (including) |
| Wordpress | Wordpress | 2.5.1 (including) | 2.5.1 (including) |
| Wordpress | Wordpress | 2.6 (including) | 2.6 (including) |
| Wordpress | Wordpress | 2.6.1 (including) | 2.6.1 (including) |
| Wordpress | Wordpress | 2.6.2 (including) | 2.6.2 (including) |
| Wordpress | Wordpress | 2.6.3 (including) | 2.6.3 (including) |
| Wordpress | Wordpress | 2.6.5 (including) | 2.6.5 (including) |
| Wordpress | Wordpress | 2.7 (including) | 2.7 (including) |
| Wordpress | Wordpress | 2.7.1 (including) | 2.7.1 (including) |
| Wordpress | Wordpress | 2.8 (including) | 2.8 (including) |
| Wordpress | Wordpress | 2.8.1 (including) | 2.8.1 (including) |
| Wordpress | Wordpress | 2.8.2 (including) | 2.8.2 (including) |
| Wordpress | Wordpress | 2.8.3 (including) | 2.8.3 (including) |
| Wordpress | Wordpress | 2.8.4 (including) | 2.8.4 (including) |
| Wordpress | Wordpress | 2.8.4-a (including) | 2.8.4-a (including) |
| Wordpress | Wordpress | 2.8.5 (including) | 2.8.5 (including) |
| Wordpress | Wordpress | 2.8.5.1 (including) | 2.8.5.1 (including) |
| Wordpress | Wordpress | 2.8.5.2 (including) | 2.8.5.2 (including) |
| Wordpress | Wordpress | 2.8.6 (including) | 2.8.6 (including) |
| Wordpress | Wordpress | 2.9 (including) | 2.9 (including) |
| Wordpress | Wordpress | 2.9.1 (including) | 2.9.1 (including) |
| Wordpress | Wordpress | 2.9.1.1 (including) | 2.9.1.1 (including) |
| Wordpress | Wordpress | 2.9.2 (including) | 2.9.2 (including) |
| Wordpress | Wordpress | 3.0 (including) | 3.0 (including) |
| Wordpress | Wordpress | 3.0.1 (including) | 3.0.1 (including) |
| Wordpress | Wordpress | 3.0.2 (including) | 3.0.2 (including) |
| Wordpress | Wordpress | 3.0.3 (including) | 3.0.3 (including) |
| Wordpress | Wordpress | 3.0.4 (including) | 3.0.4 (including) |
| Wordpress | Wordpress | 3.0.5 (including) | 3.0.5 (including) |
| Wordpress | Wordpress | 3.0.6 (including) | 3.0.6 (including) |
| Wordpress | Wordpress | 3.1 (including) | 3.1 (including) |
| Wordpress | Wordpress | 3.1.1 (including) | 3.1.1 (including) |
| Wordpress | Wordpress | 3.1.2 (including) | 3.1.2 (including) |
| Wordpress | Wordpress | 3.1.3 (including) | 3.1.3 (including) |
| Wordpress | Wordpress | 3.3 (including) | 3.3 (including) |
| Wordpress | Ubuntu | hardy | * |
| Wordpress | Ubuntu | lucid | * |
| Wordpress | Ubuntu | natty | * |
| Wordpress | Ubuntu | oneiric | * |
| Wordpress | Ubuntu | precise | * |
| Wordpress | Ubuntu | upstream | * |
References
- http://core.trac.wordpress.org/browser/branches/3.3/wp-includes/js/swfupload/swfupload.swf?rev=20503
- http://jvn.jp/en/jp/JVN25280162/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2012-002110
- http://make.wordpress.org/core/2013/06/21/secure-swfupload/
- http://osvdb.org/81459
- http://packetstormsecurity.com/files/120746/SWFUpload-Content-Spoofing-Cross-Site-Scripting.html
- http://packetstormsecurity.com/files/122399/tinymce11-xss.txt
- http://seclists.org/fulldisclosure/2013/Mar/110
- http://secunia.com/advisories/49138
- http://wordpress.org/news/2012/04/wordpress-3-3-2/
- http://www.debian.org/security/2012/dsa-2470
- http://www.openwall.com/lists/oss-security/2013/07/18/13
- http://www.osvdb.org/91134
- http://www.securityfocus.com/bid/53192
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75210
- http://core.trac.wordpress.org/browser/branches/3.3/wp-includes/js/swfupload/swfupload.swf?rev=20503
- http://jvn.jp/en/jp/JVN25280162/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2012-002110
- http://make.wordpress.org/core/2013/06/21/secure-swfupload/
- http://osvdb.org/81459
- http://packetstormsecurity.com/files/120746/SWFUpload-Content-Spoofing-Cross-Site-Scripting.html
- http://packetstormsecurity.com/files/122399/tinymce11-xss.txt
- http://seclists.org/fulldisclosure/2013/Mar/110
- http://secunia.com/advisories/49138
- http://wordpress.org/news/2012/04/wordpress-3-3-2/
- http://www.debian.org/security/2012/dsa-2470
- http://www.openwall.com/lists/oss-security/2013/07/18/13
- http://www.osvdb.org/91134
- http://www.securityfocus.com/bid/53192
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75210