Published: 29/01/2007 Updated: 16/10/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

WordPress allows remote malicious users to cause a denial of service (bandwidth or thread consumption) via pingback service calls with a source URI that corresponds to a file with a binary content type, which is downloaded even though it cannot contain usable pingback data.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wordpress wordpress

Debian Bug report logs - #437085 CVE-2007-1599: wp-loginphp allows remote attackers to redirect authenticated users to other websites Package: wordpress; Maintainer for wordpress is Craig Small <csmall@debianorg>; Source for wordpress is src:wordpress (PTS, buildd, popcon) Reported by: Steffen Joeris <steffenjoeris@sko ...

source: wwwsecurityfocuscom/bid/22220/info WordPress is prone to a denial-of-service vulnerability and an information-disclosure vulnerability Attackers can exploit these issues to consume memory and bandwidth resources, denying service to legitimate users, or to gain information that may aid in further attacks Versions prior to WordP ...

NVD-CWE-Other http://securityreason.com/securityalert/2191 http://www.debian.org/security/2008/dsa-1564 http://secunia.com/advisories/30013 http://www.securityfocus.com/archive/1/458003/100/0/threaded http://www.securityfocus.com/archive/1/457996/100/0/threaded https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437085 https://nvd.nist.gov https://www.exploit-db.com/exploits/29522/

CVE-2007-0540

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect