1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
#! /bin/sh /usr/share/dpatch/dpatch-run
## 010CVE-2008-1502.dpatch by Giuseppe Iuculano <giuseppe@iuculano.it>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Fixed CVE-2008-1502 _bad_protocol_once function in KSES allows remote attackers to conduct XSS attacks (Closes: #504243)
@DPATCH@
diff -urNad wordpress~/wp-includes/kses.php wordpress/wp-includes/kses.php
--- wordpress~/wp-includes/kses.php 2009-08-14 21:48:41.000000000 +0200
+++ wordpress/wp-includes/kses.php 2009-08-14 22:32:01.000000000 +0200
@@ -443,7 +443,12 @@
# handling whitespace and HTML entities.
###############################################################################
{
- return preg_replace('/^((&[^;]*;|[\sA-Za-z0-9])*)'.'(:|:|&#[Xx]3[Aa];)\s*/e', 'wp_kses_bad_protocol_once2("\\1", $allowed_protocols)', $string);
+ $string2 = preg_split('/:|:|:/i', $string, 2);
+ if(isset($string2[1]) && !preg_match('%/\?%',$string2[0]))
+ {
+ $string = wp_kses_bad_protocol_once2($string2[0],$allowed_protocols).trim($string2[1]);
+ }
+ return $string;
} # function wp_kses_bad_protocol_once
function wp_kses_bad_protocol_once2($string, $allowed_protocols)
|
