Lucene search

[email protected]CVE-2011-4106

HistoryOct 26, 2013 - 4:55 p.m.

CVE-2011-4106

2013-10-2616:55:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2011-4106

timthumb

php

remote code execution

security vulnerability

9.4 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.032 Low

EPSS

Percentile

91.2%

JSON

TimThumb (timthumb.php) before 2.0 does not validate the entire source with the domain white list, which allows remote attackers to upload and execute arbitrary code via a URL containing a white-listed domain in the src parameter, then accessing it via a direct request to the file in the cache directory, as exploited in the wild in August 2011.

CPENameOperatorVersion
binarymoon:timthumbbinarymoon timthumble1.99

CPE	Name	Operator	Version
binarymoon:timthumb	binarymoon timthumb	le	1.99

References

code.google.com/p/timthumb/issues/detail?id=212

markmaunder.com/2011/08/01/zero-day-vulnerability-in-many-wordpress-themes/

markmaunder.com/2011/08/02/technical-details-and-scripts-of-the-wordpress-timthumb-php-hack/

www.binarymoon.co.uk/2011/08/timthumb-2/

www.exploit-db.com/exploits/17602

www.exploit-db.com/exploits/17872

www.openwall.com/lists/oss-security/2011/11/03/4

9.4 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.032 Low

EPSS

Percentile

91.2%

JSON

Related for CVE-2011-4106

dsquare16 patchstack1 prion1 nessus1 wpvulndb1 impervablog1