oss-sec mailing list archives
CVE request: wordpress plugin timthumb before 2.0 remote code execution
From: Hanno Böck <hanno () hboeck de>
Date: Thu, 3 Nov 2011 12:23:34 +0100
http://markmaunder.com/2011/08/01/zero-day-vulnerability-in-many-wordpress-themes/ Seems this never got a CVE. German newspage heise reports lots of hacked wordpress blogs, most likely due to this issue: http://www.heise.de/security/meldung/Tausende-WordPress-Blogs-zur-Verbreitung-von-Schadcode-genutzt-1370660.html -- Hanno Böck mail/jabber: hanno () hboeck de GPG: BBB51E42 http://www.hboeck.de/
Attachment:
signature.asc
Description:
Current thread:
- CVE request: wordpress plugin timthumb before 2.0 remote code execution Hanno Böck (Nov 03)
- Re: CVE request: wordpress plugin timthumb before 2.0 remote code execution Kurt Seifried (Nov 03)