TCPDF 'params' Attribute Remote Code Execution Weakness
BID:39315
Info
| Bugtraq ID: | 39315 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 08 2010 12:00AM |
| Updated: | Apr 08 2010 12:00AM |
| Credit: | Matthias 'apoc' Hecker |
| Vulnerable: | Tecnick TCPDF 4.9.5, Tecnick TCPDF 4.5.036 |
| Not Vulnerable: | Tecnick TCPDF 4.9.006 |
Discussion
TCPDF is prone to a security weakness that may allow attackers to execute arbitrary code.

The `<tcpdf>` tag that TCPDF accepts in HTML input (rendered through writeHTML()) lets markup invoke library methods through its `method` and `params` attributes. The contents of `params` are not validated before being used to build the method call, so an attacker who can get crafted HTML into the library can inject arbitrary PHP.

An attacker must exploit this issue in conjunction with another vulnerability or weakness that allows attacker-controlled HTML to reach TCPDF, for example an application that renders user-supplied HTML to PDF. Successful exploitation results in arbitrary code execution with the privileges of the webserver.

Versions prior to TCPDF 4.9.006 are vulnerable.
Exploit / POC
Attackers can use a browser to exploit this issue, by submitting the crafted HTML to any application page that renders it with TCPDF.

The following example data is available:

<tcpdf method="Rect" params=");echo `id`;die(" />

The `params` value is inserted verbatim between the parentheses of the generated method call, so the tag above produces a call to Rect() with no arguments followed by the injected statements echo `id`; and die();. Output of the `id` command in the response confirms execution.
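The following PHP is an added example; it is not code from TCPDF or from the advisory's author. It models the `<tcpdf>` tag handler with a hypothetical stand-in class (`PdfLike`) to show how the `params` text is spliced into a PHP statement and eval()'d, so that the PoC above becomes `$pdf->Rect();echo `id`;die();`, and it contrasts that with a dispatch that treats the attribute as data only: disabled unless the application opts in, allow-listed method names, parameters carried as a JSON list of scalars, and the call made through call_user_func_array(). The allow-list, the JSON encoding and the enabling flag are this example's choices, not the library's actual fix. The sample tags are constructed for the example.

```php
<?php
// Added example, not TCPDF's own code. PdfLike is a hypothetical stand-in
// for the TCPDF object; only the shape of the <tcpdf method="..." params="...">
// handler is reproduced, once the vulnerable way and once hardened.

final class PdfLike
{
    /** Records every library call so the effect of a dispatch is visible. */
    public array $log = [];

    public function Rect(float $x = 0, float $y = 0, float $w = 0, float $h = 0): void
    {
        $this->log[] = sprintf('Rect(%g, %g, %g, %g)', $x, $y, $w, $h);
    }

    public function Cell(float $w, float $h = 0, string $txt = ''): void
    {
        $this->log[] = sprintf('Cell(%g, %g, "%s")', $w, $h, $txt);
    }
}

/**
 * Pull method/params out of the first <tcpdf ... /> tag in $html, decoding
 * HTML entities the way the library's HTML parser does. Returns null if absent.
 */
function parseTcpdfTag(string $html): ?array
{
    if (!preg_match('/<tcpdf\b([^>]*)>/i', $html, $m)) {
        return null;
    }
    $attrs = [];
    preg_match_all('/(\w+)\s*=\s*"([^"]*)"/', $m[1], $pairs, PREG_SET_ORDER);
    foreach ($pairs as [, $name, $value]) {
        $attrs[strtolower($name)] = html_entity_decode($value, ENT_QUOTES);
    }
    return isset($attrs['method'], $attrs['params']) ? $attrs : null;
}

/**
 * VULNERABLE dispatch: attacker-controlled attributes are spliced into PHP
 * source and eval()'d. The generated statement is returned so the reader can
 * see exactly what would run; $execute controls whether it actually runs.
 */
function vulnerableDispatch(PdfLike $pdf, array $tag, bool $execute): string
{
    $code = '$pdf->' . $tag['method'] . '(' . $tag['params'] . ');';
    if ($execute) {
        eval($code); // $pdf is in scope here, just as $this is inside TCPDF
    }
    return $code;
}

/** Methods HTML authors may call, with the maximum number of arguments (example policy). */
const ALLOWED_METHODS = ['rect' => 4, 'cell' => 3];

/**
 * HARDENED dispatch: no source generation. Off unless the application enables
 * it, the method must be allow-listed, and params must be a JSON list of
 * scalars handed to call_user_func_array(), so attribute text is only data.
 */
function safeDispatch(PdfLike $pdf, array $tag, bool $callsEnabled = false): void
{
    if (!$callsEnabled) {
        throw new RuntimeException('<tcpdf> method calls from HTML are disabled');
    }
    $method = strtolower($tag['method']);
    if (!isset(ALLOWED_METHODS[$method])) {
        throw new RuntimeException("method not allowed: {$tag['method']}");
    }
    $params = json_decode($tag['params'], true);
    if (!is_array($params) || count($params) > ALLOWED_METHODS[$method]
        || $params !== array_filter($params, 'is_scalar')) {
        throw new RuntimeException('params must be a JSON list of scalars');
    }
    call_user_func_array([$pdf, $method], array_values($params));
}

// --- demonstration (constructed input) -----------------------------------
$pdf   = new PdfLike();
$legit = parseTcpdfTag('<tcpdf method="Rect" params="10, 10, 50, 20" />');
$poc   = parseTcpdfTag('<tcpdf method="Rect" params=");echo `id`;die(" />');
// Benign stand-in for the PoC: proves injection without spawning `id`.
// The entity-encoded "->" decodes to PHP's arrow operator at parse time.
$probe = parseTcpdfTag('<tcpdf method="Rect" params=");$pdf-&gt;log[]=\'INJECTED\';$pdf-&gt;Rect(" />');

echo "legit: ", vulnerableDispatch($pdf, $legit, true), "\n";
echo "poc  : ", vulnerableDispatch($pdf, $poc, false), "\n"; // shown, not run
vulnerableDispatch($pdf, $probe, true);                      // INJECTED lands in the log
echo "log  : ", implode(' | ', $pdf->log), "\n";

$pdf2 = new PdfLike();
safeDispatch($pdf2, parseTcpdfTag('<tcpdf method="Rect" params="[10,10,50,20]" />'), true);
foreach ([$poc, $probe] as $bad) {
    try {
        safeDispatch($pdf2, $bad, true);
    } catch (RuntimeException $e) {
        echo "rejected: ", $e->getMessage(), "\n";
    }
}
echo "safe : ", implode(' | ', $pdf2->log), "\n";
```

Run it with `php example.php`. The PoC statement is printed rather than executed; the probe variant is executed and leaves the string INJECTED in the call log, which is the same control-flow escape the advisory's payload uses. In the hardened path both payloads fail json_decode() and are rejected before any method is looked up. A quick check for an existing deployment is to confirm that no code path hands user-controlled HTML to writeHTML() without first stripping `<tcpdf` tags, regardless of the library version in use.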
Solution / Fix
Solution:

Updates are available to address this issue: upgrade to TCPDF 4.9.006 or later. Please see the references for more information.

Applications that render user-supplied HTML with TCPDF should additionally strip or reject `<tcpdf>` tags before rendering, since the purpose of that tag is to call library methods from markup and it should never be reachable from untrusted input.
References
References:
- TCPDF Homepage (Tecnick)
- TCPDF Library Remote Code Execution Vulnerability (Matthias 'apoc' Hecker)