|
|
|||
| Rule General Information |
|---|
| Release Date: | 2021-12-20 | |
| Rule Name: | Coppermine Photo Gallery Remote Command Execution Vulnerability (CVE-2008-0506) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) before 1.4.15, when the ImageMagick picture processing method is configured, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) quality, (2) angle, or (3) clipval parameter to picEditor.php. | |
| Impact: | An attacker can execute arbitrary command via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | SecurityFocusBID:27512 ExploitDB:5019 http://coppermine-gallery.net/forum/index.php?topic=50103.0 http://www.securityfocus.com/archive/1/487310/100/200/threaded |
|
| Solutions |
|---|
| The vendor has released upgrade patches to fix vulnerabilities, please visit: Coppermine Photo Gallery 1.4.10. |