
TimThumb Arbitrary Code Injection

High

Synopsis

The remote host is running software that allows arbitrary code injection.

Description

The remote host is running TimThumb, a PHP application that resizes images on demand. This version of TimThumb is vulnerable to a flaw in the way it parses its 'allowed sites' list. By default, TimThumb ships with a predefined list of trusted domains. However, when handling a client-supplied URL, it does not validate the URL's host against that list; it only checks whether the URL contains the name of a trusted domain as a substring. So, for instance, an attacker can use a domain such as flickr.com.myhost.com, and TimThumb will download from that site because the URL contains the string 'flickr.com'.
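The following Python snippet, added here as an illustration and not taken from TimThumb's own code, contrasts the substring-style allowlist check the advisory describes with a check that parses the URL and compares the actual host. The allowlist entries, URLs and function names are constructed for the example; a scanner or code reviewer would look for the first pattern and expect the second.

```python
from urllib.parse import urlsplit

# Constructed allowlist for this example only; TimThumb's real default list is not reproduced here.
ALLOWED_SITES = ["flickr.com", "picasa.com", "img.youtube.com"]


def substring_check(url, allowed=ALLOWED_SITES):
    """Flawed check: a URL is 'trusted' if any allowed name appears anywhere in it.

    This is the pattern the advisory describes: the host is never parsed, so
    'flickr.com' inside a path, a query string or a longer hostname all match.
    """
    return any(site in url for site in allowed)


def host_check(url, allowed=ALLOWED_SITES):
    """Hardened check: parse the URL, then require the host itself to be allowed.

    The host must equal an allowed site exactly or be a subdomain of it
    (i.e. end with '.' + site). Anything else, including unparseable URLs and
    non-HTTP schemes, is rejected.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False
    # urlsplit().hostname already drops userinfo and port; normalise case and a trailing dot.
    host = (parts.hostname or "").lower().rstrip(".")
    if not host:
        return False
    for site in allowed:
        site = site.lower()
        if host == site or host.endswith("." + site):
            return True
    return False


def compare(urls):
    """Return {url: (substring_result, host_result)} for a list of candidate URLs."""
    return {u: (substring_check(u), host_check(u)) for u in urls}


if __name__ == "__main__":
    # Constructed sample requests: one legitimate Flickr host, three look-alikes.
    samples = [
        "http://farm1.flickr.com/photo.jpg",
        "http://flickr.com.myhost.com/photo.jpg",
        "http://evil.example/flickr.com/photo.jpg",
        "http://evil.example/fetch?u=flickr.com",
    ]
    for url, (weak, strong) in compare(samples).items():
        print(f"{url:45s} substring={weak!s:5s} host={strong!s:5s}")
```

Only the first sample is accepted by both checks; the substring check also accepts the three look-alikes, which is exactly the behaviour the advisory warns about. Note that the hardened check compares against the parsed host, so an allowed name placed in the path, the query string, or the userinfo portion of the URL has no effect.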

Solution

Ensure that you are running the latest version of this product.