wp-includes/class-phpass.php in WordPress 3.5.1, when a password-protected post exists, allows remote attackers to cause a denial of service (CPU consumption) via a crafted value of a certain wp-postpass cookie.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Wordpress | Wordpress | 3.5.1 (including) | 3.5.1 (including) |
Wordpress | Ubuntu | artful | * |
Wordpress | Ubuntu | lucid | * |
Wordpress | Ubuntu | precise | * |
Wordpress | Ubuntu | quantal | * |
Wordpress | Ubuntu | raring | * |
Wordpress | Ubuntu | saucy | * |
Wordpress | Ubuntu | upstream | * |
Wordpress | Ubuntu | utopic | * |
Wordpress | Ubuntu | vivid | * |
Wordpress | Ubuntu | wily | * |
Wordpress | Ubuntu | yakkety | * |
Wordpress | Ubuntu | zesty | * |