CVE-2014-4663

TimThumb 2.8.13 and WordThumb 1.07, when Webshot (aka Webshots) is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the src parameter.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://seclists.org/oss-sec/2014/q2/689
https://code.google.com/p/timthumb/source/detail?r=219
http://packetstormsecurity.com/files/127192/TimThumb-2.8.13-Remote-Code-Execution.html
http://www.exploit-db.com/exploits/33851	Exploit
https://code.google.com/p/timthumb/issues/detail?id=485
http://secunia.com/advisories/59558
http://seclists.org/fulldisclosure/2014/Jun/117
http://seclists.org/fulldisclosure/2014/Jul/4

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:binarymoon:timthumb:2.8.13:::::::*
	cpe:2.3:a:binarymoon:wordthumb:1.07:::::::*

Information

Published : 2014-07-15 07:55

Updated : 2014-07-15 12:25

NVD link : CVE-2014-4663

Mitre link : CVE-2014-4663

JSON object : View

CWE

CWE-94

Improper Control of Generation of Code ('Code Injection')

Advertisement

Products Affected

binarymoon

wordthumb
timthumb

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://seclists.org/oss-sec/2014/q2/689", "name": "[oss-security] 20140627 Re: CVE request: timthumb remote code execution", "tags": [], "refsource": "MLIST"}, {"url": "https://code.google.com/p/timthumb/source/detail?r=219", "name": "https://code.google.com/p/timthumb/source/detail?r=219", "tags": [], "refsource": "CONFIRM"}, {"url": "http://packetstormsecurity.com/files/127192/TimThumb-2.8.13-Remote-Code-Execution.html", "name": "http://packetstormsecurity.com/files/127192/TimThumb-2.8.13-Remote-Code-Execution.html", "tags": [], "refsource": "MISC"}, {"url": "http://www.exploit-db.com/exploits/33851", "name": "33851", "tags": ["Exploit"], "refsource": "EXPLOIT-DB"}, {"url": "https://code.google.com/p/timthumb/issues/detail?id=485", "name": "https://code.google.com/p/timthumb/issues/detail?id=485", "tags": [], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/59558", "name": "59558", "tags": [], "refsource": "SECUNIA"}, {"url": "http://seclists.org/fulldisclosure/2014/Jun/117", "name": "20140624 Wordpress TimThumb 2.8.13 WebShot Remote Code Execution (0-day)", "tags": [], "refsource": "FULLDISC"}, {"url": "http://seclists.org/fulldisclosure/2014/Jul/4", "name": "20140701 Re: Wordpress TimThumb 2.8.13 WebShot Remote Code Execution (0-day)", "tags": [], "refsource": "FULLDISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "TimThumb 2.8.13 and WordThumb 1.07, when Webshot (aka Webshots) is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the src parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-94"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2014-4663", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2014-07-15T14:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:binarymoon:timthumb:2.8.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:binarymoon:wordthumb:1.07:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2014-07-15T19:25Z"}