SecuritySpace - CVE-2015-8001

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2015-8001

Description: The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not restrict the uploaded data to the claimed file size, which allows remote authenticated users to cause a denial of service via a chunk that exceeds the file size.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2015-8001
https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html
http://www.securitytracker.com/id/1034028

CVE ID:	CVE-2015-8001
Description:	The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not restrict the uploaded data to the claimed file size, which allows remote authenticated users to cause a denial of service via a chunk that exceeds the file size.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2015-8001 https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html http://www.securitytracker.com/id/1034028