PublicDate: 2007-12-12 00:46:00 UTC
Candidate: CVE-2007-6318
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6318
Description:
 SQL injection vulnerability in wp-includes/query.php in WordPress 2.3.1 and
 earlier allows remote attackers to execute arbitrary SQL commands via the s
 parameter, when DB_CHARSET is set to (1) Big5, (2) GBK, or possibly other
 character set encodings that support a "\" in a multibyte character.
Ubuntu-Description:
Notes:
 jdstrand> dapper and edgy not affected according to Emanuele Gentili (emgent)
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/wordpress/+bug/181416
Priority: low
Discovered-by:
Assigned-to:
CVSS: 
Patches_wordpress:
 debdiff: https://bugs.launchpad.net/ubuntu/+source/wordpress/+bug/181416
upstream_wordpress: needs-triage
dapper_wordpress: not-affected
edgy_wordpress: not-affected
feisty_wordpress: released (2.1.3-1ubuntu1.1)
gutsy_wordpress: released (2.2.2-1ubuntu1.2)
devel_wordpress: released (2.3.2-1)