WordPress allows remote attackers to cause a denial of service (bandwidth
or thread consumption) via pingback service calls with a source URI that
corresponds to a file with a binary content type, which is downloaded even
though it cannot contain usable pingback data.
Updated: 2012-06-01 15:17:39 UTC (commit 5347)