oss-sec mailing list archives

Re: CVE request: WordPress plugin vitamin traversal arbitrary file access


From: cve-assign () mitre org
Date: Mon, 28 Jul 2014 19:10:34 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Can I get a 2012 CVE for the WordPress plugin vitamin path parameter traversal
> arbitrary file access vulnerability? Thanks. Files: add_headers.php, minify.php
>
> Affected: 1.0
> Fixed in: 1.1
>
> Changelog: http://wordpress.org/plugins/vitamin/changelog/
> SCM: https://plugins.trac.wordpress.org/changeset/582232/vitamin

Use CVE-2012-6651. The scope of this CVE ID is the directory
traversal. It isn't directly about the ability to access .php
and .phtml files in unpatched versions, apparently corrected with
lines such as:

  if( 'php' == strtolower($ext) ) { die("Adding headers to php files is forbidden"); }

We did not research that in depth, but suspect that it may be a
usability fix rather than a security fix.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJT1tc9AAoJEKllVAevmvmsbRwIAJhf/l3HLBx5f4HgY2yEozXF
alxy3DonvvENWr05OlFwLZI90MsYV+V4bvtFA9Qpnsun/Q202qu+/xWfhj6/2LKf
7FRS/7gSsdjUQSuSmyjgO8NpfW7y41D8Zt/+O9hjGj8K5FCuDjoBkuSblJvfW8x7
Lo/mZPrvyrjcSL5ZhUpff++IiLUo0yBWVddu2ehii2o9fjtPTQA2PCa6wZIdgoHv
Mv7p2QRVPvVubfM83WoxmpUq7uukNFYTnPivVgaqw9VqMKHNw6gJlD9o877AJOTk
HCTYa8cL16P85OlVqC2KR/0K+jwcyrtrIQGPBlR9px69TXa/HVsmzmsJSdD/Bzs=
=cnlx
-----END PGP SIGNATURE-----
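The reply above draws a line between two separate concerns: the directory traversal in a user-controlled path parameter (the scope of CVE-2012-6651) and the later refusal to add headers to .php files. The following PHP is an added illustration of that distinction, not code from the vitamin plugin or from the changeset linked in the request. The function names (read_asset_unsafe, resolve_asset_path), the parameter names, the asset-root layout and the sample files it creates in a temporary directory are all constructed for the example.

```php
<?php
// Added illustration, not the vitamin plugin's own code. It models the two
// separate concerns the MITRE reply distinguishes: (1) directory traversal via
// a user-controlled path parameter, and (2) serving .php/.phtml sources.
// Function and parameter names ($base_dir, $user_path) are hypothetical.

// Vulnerable shape (constructed for illustration): the user-supplied path is
// joined to a base directory and read with no normalisation or containment
// check, so "../" sequences walk out of $base_dir.
function read_asset_unsafe(string $base_dir, string $user_path): ?string {
    $file = $base_dir . '/' . $user_path;
    return is_file($file) ? file_get_contents($file) : null;
}

// Hardened shape: canonicalise with realpath(), require the result to stay
// inside the canonical base directory, and allow only the extensions a CSS/JS
// minifier actually needs. A denylist that only refuses "php" (the check quoted
// in the reply) would leave the traversal itself in place.
function resolve_asset_path(string $base_dir, string $user_path,
                            array $allowed_ext = ['css', 'js']): ?string {
    $base = realpath($base_dir);
    if ($base === false) {
        return null;
    }
    // Reject empty input, embedded NUL bytes and absolute paths up front.
    if ($user_path === '' || strpos($user_path, "\0") !== false || $user_path[0] === '/') {
        return null;
    }
    $real = realpath($base . '/' . $user_path);
    if ($real === false || !is_file($real)) {
        return null;
    }
    // Containment: $real must lie beneath "$base/" after canonicalisation.
    if (strncmp($real, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    // Extension allowlist, evaluated on the canonical path, not the raw input.
    $ext = strtolower(pathinfo($real, PATHINFO_EXTENSION));
    if (!in_array($ext, $allowed_ext, true)) {
        return null;
    }
    return $real;
}

// Self-contained demo on a temporary directory with constructed files.
$tmp = sys_get_temp_dir() . '/traversal-demo-' . getmypid();
mkdir("$tmp/assets/css", 0700, true);
file_put_contents("$tmp/assets/css/site.css", "body{margin:0}");
file_put_contents("$tmp/assets/index.php", "<?php echo 'source'; ?>");
file_put_contents("$tmp/outside.txt", "outside the asset root");

$base  = "$tmp/assets";
$cases = [
    'css/site.css',      // legitimate request: served by both
    '../outside.txt',    // traversal out of the asset root: only unsafe serves it
    'css/../index.php',  // stays inside the root but is PHP source: rejected by allowlist
];
foreach ($cases as $p) {
    $unsafe = read_asset_unsafe($base, $p) !== null ? 'served' : 'miss';
    $safe   = resolve_asset_path($base, $p) !== null ? 'served' : 'rejected';
    printf("%-18s unsafe=%-7s hardened=%s\n", $p, $unsafe, $safe);
}

// Remove the constructed files again.
foreach (["$tmp/assets/css/site.css", "$tmp/assets/index.php", "$tmp/outside.txt"] as $f) {
    unlink($f);
}
rmdir("$tmp/assets/css");
rmdir("$tmp/assets");
rmdir($tmp);
```

Run it with `php traversal-demo.php`. The second case is the traversal the CVE covers and is caught by the containment check alone; the third case is the kind of request the quoted `'php' == strtolower($ext)` line addresses, and an allowlist of the extensions the feature actually needs handles it (and .phtml) without enumerating every PHP-executable suffix. Checking the extension on the realpath() result rather than on the raw parameter matters because the two can differ once "../" segments are resolved.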

