oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request: timthumb remote code execution

From: cve-assign () mitre org
Date: Fri, 27 Jun 2014 12:10:42 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


http://seclists.org/fulldisclosure/2014/Jun/117
https://code.google.com/p/timthumb/issues/detail?id=485



The command line built on lines 967 and 969 is the problem area.
https://code.google.com/p/timthumb/source/browse/trunk/timthumb.php#967



The original project WordThumb 1.07 also vulnerable ... using the
older WordThumb.php script



Developed for use in the WordPress theme Mimbo Pro



several projects that shipped with "timthumb.php", such as,



Wordpress Gallery Plugin
https://wordpress.org/plugins/wordpress-gallery-plugin/
IGIT Posts Slider Widget
http://wordpress.org/plugins/igit-posts-slider-widget/



only vulnerable if the WebShot (aka WebShots) feature is enabled
(default is disabled).


Use CVE-2014-4663.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJTrZb/AAoJEKllVAevmvmsjDAIAKvNZhHNrmquxcY9SmBuu4mE
PqYb23RBbjqXSBbzA8guw28WStkxG7atW7fsPA185LyaIn4PH92n4ZHyHphxlGnT
iaZpcQFVbOtnmPdnf3JB64PJ9jviOmtfUyC9GnxlfLlbaPxTqgVnW9JZ2BybGKno
YK3orCfmrjm5ma5BWsYjfWkf5YFYiWvNuz5xHgVqjGwisTREJ44SjVyoefWhHCRX
zDBu2IoKBYJliZfwopM24aUyxE+C+sgLuxX6BRBPLRKd/kwh09Wsg/YJt+Jsc7Ah
GHxm/tkmQZGLXpX3EEJNP5GJc/i7ePATnLAkwoadzP/nox5xSAQWhdTe/atC0aE=
=afLD
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: