CVE-2005-4031

Publication date 6 December 2005

Last updated 24 July 2024


Ubuntu priority

Eval injection vulnerability in MediaWiki 1.5.x before 1.5.3 allows remote attackers to execute arbitrary PHP code via the "user language option," which is used as part of a dynamic class name that is processed using the eval function.

Read the notes from the security team

Status

Package Ubuntu Release Status
mediawiki 7.10 gutsy
Not affected
7.04 feisty
Not affected
6.10 edgy
Not affected
6.06 LTS dapper
Not affected

Notes


fujitsu

Only affects 1.5.x, x<3.