MediaWiki Quiz extended Denial of Service Vulnerability (CVE-2015-6736)
MediaWiki Quiz extended Denial of Service Vulnerability (CVE-2015-6736)
Release date:
Updated on: 2015-09-02
Affected Systems:
MediaWiki <1.25.2
MediaWiki <1.24.3
MediaWiki <1.23.10
Description:
CVE (CAN) ID: CVE-2015-6736
MediaWiki is a famous wiki program running in the PHP + MySQL environment.
MediaWiki's Quiz extension allows remote attackers to cause DoS by using the regex metacharacters in regular expressions.
<* Source: MediaWiki
*>
Suggestion:
Vendor patch:
MediaWiki
---------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165193.html
Https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-August/000179.html
This article permanently updates the link address: