oss-sec mailing list archives
Re: CVE request: timthumb remote code execution
From: cve-assign () mitre org
Date: Fri, 27 Jun 2014 12:10:42 -0400 (EDT)
http://seclists.org/fulldisclosure/2014/Jun/117
https://code.google.com/p/timthumb/issues/detail?id=485
The command line built on lines 967 and 969 is the problem area.
https://code.google.com/p/timthumb/source/browse/trunk/timthumb.php#967
The original project WordThumb 1.07 also vulnerable ... using the older WordThumb.php script
Developed for use in the WordPress theme Mimbo Pro
several projects that shipped with "timthumb.php", such as,
Wordpress Gallery Plugin https://wordpress.org/plugins/wordpress-gallery-plugin/
IGIT Posts Slider Widget http://wordpress.org/plugins/igit-posts-slider-widget/
only vulnerable if the WebShot (aka WebShots) feature is enabled (default is disabled).
Use CVE-2014-4663.

--
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
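Because timthumb.php ships inside several plugins and themes, and the issue only matters where WebShot is enabled, a defender's first job is finding every bundled copy and reading its setting. The script below is an added example, not timthumb project code or part of this thread; it assumes the copy uses timthumb's `define ('WEBSHOT_ENABLED', ...)` setting, optionally overridden in a sibling timthumb-config.php, and it builds a constructed sample tree to run against.

```shell
#!/bin/sh
# Added example (not timthumb project code): find bundled copies of timthumb.php
# or WordThumb.php under a web root and report whether WebShot is enabled.
# Assumption: the copy uses `define ('WEBSHOT_ENABLED', true|false);`, possibly
# overridden by a timthumb-config.php in the same directory.

# Print the last WEBSHOT_ENABLED define in file $1 as enabled/disabled, or nothing.
webshot_setting() {
    line=$(grep -iE "define[[:space:]]*\([[:space:]]*['\"]WEBSHOT_ENABLED['\"]" "$1" 2>/dev/null | tail -n 1)
    case "$line" in
        *[Tt][Rr][Uu][Ee]*)     echo enabled ;;
        *[Ff][Aa][Ll][Ss][Ee]*) echo disabled ;;
        *) ;;
    esac
}

# Walk $1 and print "path<TAB>status" for every PHP file that identifies itself
# as timthumb/WordThumb; status is enabled, disabled or unknown (no define found).
scan_timthumb() {
    find "$1" -type f -name '*.php' | sort | while IFS= read -r f; do
        case "$f" in *timthumb-config.php) continue ;; esac
        grep -qiE 'timthumb|wordthumb' "$f" || continue
        status=$(webshot_setting "$(dirname "$f")/timthumb-config.php")  # override wins
        [ -n "$status" ] || status=$(webshot_setting "$f")
        [ -n "$status" ] || status=unknown
        printf '%s\t%s\n' "$f" "$status"
    done
}

# Constructed sample tree (not real plugin code) so the scanner runs offline.
build_sample() {
    d=$(mktemp -d)
    mkdir -p "$d/gallery" "$d/slider" "$d/other"
    printf '<?php // TimThumb\ndefine ("WEBSHOT_ENABLED", false);\n' > "$d/gallery/timthumb.php"
    printf '<?php // TimThumb\ndefine ("WEBSHOT_ENABLED", false);\n' > "$d/slider/timthumb.php"
    printf '<?php define ("WEBSHOT_ENABLED", true);\n' > "$d/slider/timthumb-config.php"
    printf '<?php // WordThumb 1.07\n' > "$d/other/wordthumb.php"
    echo "$d"
}

# Number of copies under $1 whose effective setting is enabled.
count_enabled() {
    scan_timthumb "$1" | awk -F '\t' '$2 == "enabled"' | wc -l | tr -d ' '
}

SAMPLE=$(build_sample)
scan_timthumb "$SAMPLE"
```

Run it against a real web root with `scan_timthumb /var/www`; copies reported as unknown need a manual look, since an older script may name the setting differently.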
Current thread:
- CVE request: timthumb remote code execution Hanno Böck (Jun 25)
- Re: CVE request: timthumb remote code execution Hanno Böck (Jun 25)
- Re: CVE request: timthumb remote code execution cve-assign (Jun 27)