WordPress VideoWhisper Video Presentation Plugin Arbitrary File Upload Vulnerability

ID: IRCAD2012061954
Release Date: 2012-06-07
Criticality level: Highly critical
Software:
WordPress VideoWhisper Video Presentation Plugin 3.x
Description:
Sammy Forgit has discovered a vulnerability in the VideoWhisper Video Presentation plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused by the wp-content/plugins/videowhisper-video-presentation/vp/vw_upload.php script not properly validating uploaded files. This can be exploited to execute arbitrary PHP code by uploading a PHP file with e.g. an appended ".gif" file extension.
Successful exploitation requires that Apache is not configured to handle the mime-type for media files with e.g. a ".gif" extension.
The vulnerability is confirmed in version 3.17. Other versions may also be affected.
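As an added illustration (not the plugin's code and not the vendor's fix), the following PHP shows an extension-suffix check of the kind the description implies is insufficient, beside a hardened replacement that validates the file content and stores it under a server-generated, single-extension name. The constant names, the allow-list and the upload path are assumptions.

```php
<?php
// Added example, not code from the VideoWhisper plugin. Names, the
// allow-list and UPLOAD_DIR are assumptions for illustration only.
declare(strict_types=1);

const ALLOWED = [                 // extension => MIME type finfo must report
    'gif'  => 'image/gif',
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'png'  => 'image/png',
];
const UPLOAD_DIR = '/var/www/uploads'; // assumed; must not execute .php

// Weak check: only asks whether the client-supplied name ends with an
// allowed extension, so a PHP file renamed "x.php.gif" passes.
function weak_is_image(string $clientName): bool
{
    foreach (ALLOWED as $ext => $_) {
        if (str_ends_with(strtolower($clientName), '.' . $ext)) {
            return true;
        }
    }
    return false;
}

// Hardened check: use the client name only for its final extension,
// require the bytes to be an image of the matching type, and return a
// random name carrying exactly one extension (never a ".php" segment).
function hardened_image_name(string $tmpPath, string $clientName): ?string
{
    $ext = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    if (!isset(ALLOWED[$ext])) {
        return null;                         // extension not on allow-list
    }
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    if ($finfo->file($tmpPath) !== ALLOWED[$ext]) {
        return null;                         // content is not that image type
    }
    if (@getimagesize($tmpPath) === false) {
        return null;                         // not a parseable image
    }
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// Usage inside an upload handler (field name "f" assumed):
//   $name = hardened_image_name($_FILES['f']['tmp_name'], $_FILES['f']['name']);
//   if ($name === null) { http_response_code(400); exit; }
//   move_uploaded_file($_FILES['f']['tmp_name'], UPLOAD_DIR . '/' . $name);
```

Even a valid image that also contains PHP is stored under a name with only the image extension, so the multi-extension handling the advisory describes no longer applies.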
Solution:
Restrict access to the vw_upload.php script (e.g. via .htaccess).
References:
OpenSysCom:
Secunia:
Creation date: 18 Khordad 1391