Candidate: CVE-2008-5688
PublicDate: 2008-12-19 17:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5688
 http://lists.wikimedia.org/pipermail/mediawiki-announce/2008-December/000080.html
Description:
 MediaWiki 1.8.1, and other versions before 1.13.3, when the
 wgShowExceptionDetails variable is enabled, sometimes provides the full
 installation path in a debugging message, which might allow remote
 attackers to obtain sensitive information via unspecified requests that
 trigger an uncaught exception.
Ubuntu-Description:
Notes:
 mdeslaur> installation path is known in ubuntu packages
Bugs:
Priority: negligible
Discovered-by:
Assigned-to:
CVSS: 

Patches_mediawiki:
upstream_mediawiki: released (1.13.3)
dapper_mediawiki: ignored (reached end-of-life)
gutsy_mediawiki: needed (reached end-of-life)
hardy_mediawiki: ignored
intrepid_mediawiki: ignored
jaunty_mediawiki: not-affected (1:1.13.3-1)
karmic_mediawiki: not-affected (1:1.13.3-1)
devel_mediawiki: not-affected (1:1.13.3-1)