CVE-2008-5687 Information

Description

MediaWiki 1.11 and other versions before 1.13.3 does not properly protect against the download of backups of deleted images which might allow remote attackers to obtain sensitive information via requests for files in images/deleted/.

Reference

http://lists.wikimedia.org/pipermail/mediawiki-announce/2008-December/000080.html http://secunia.com/advisories/33349 https://exchange.xforce.ibmcloud.com/vulnerabilities/47678 https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01256.html https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01309.html