CVE-2013-4338
Published: 12 September 2013
wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations.
Priority
Status
Package | Release | Status |
---|---|---|
wordpress Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
precise |
Ignored
(end of life)
|
|
quantal |
Ignored
(end of life)
|
|
raring |
Ignored
(end of life)
|
|
saucy |
Not vulnerable
(3.6.1+dfsg-1)
|
|
trusty |
Does not exist
(trusty was not-affected [3.6.1+dfsg-1])
|
|
upstream |
Released
(3.6.1+dfsg-1)
|
|
utopic |
Not vulnerable
(3.6.1+dfsg-1)
|
|
vivid |
Not vulnerable
(3.6.1+dfsg-1)
|
|
wily |
Not vulnerable
(3.6.1+dfsg-1)
|
|
xenial |
Not vulnerable
(3.6.1+dfsg-1)
|
|
yakkety |
Not vulnerable
(3.6.1+dfsg-1)
|
|
zesty |
Not vulnerable
(3.6.1+dfsg-1)
|