CVE-2011-0537

Priority
Description
Multiple directory traversal vulnerabilities in (1) languages/Language.php
and (2) includes/StubObject.php in MediaWiki 1.8.0 and other versions
before 1.16.2, when running on Windows and possibly Novell Netware, allow
remote attackers to include and execute arbitrary local PHP files via
vectors related to a crafted language file and the Language::factory
function.
Notes
Package
Upstream:released (1.16.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needs-triage)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [1:1.19.2-1])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2020-09-10 01:40:36 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)