[wp-hackers] New aribtrary code vulnerability in TimThumb (not quite as bad as last time)

Harry Metcalfe harry at dxw.com
Wed Jun 25 11:59:57 UTC 2014

Previous message: [wp-hackers] Options table' varchar 64.
Next message: [wp-hackers] getting the expiration value of a transient when OBJECT_CACHE is involved
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Just a heads-up. If you're using Webshots, you're vulnerable. No new 
version yet.

Here's the report: http://seclists.org/fulldisclosure/2014/Jun/117

And my writeup with instructions for fix: 
http://www.dxw.com/2014/06/timthumb-raises-its-ugly-head-once-again/

Harry

-- 
Harry Metcalfe
07790 559 876
@harrym

Previous message: [wp-hackers] Options table' varchar 64.
Next message: [wp-hackers] getting the expiration value of a transient when OBJECT_CACHE is involved
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the wp-hackers mailing list