The ImageGalleryPlugin (ImageGalleryPlugin.pm) in Twiki allows remote attackers to execute arbitrary commands via certain commands that generate thumbnails.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Imagegalleryplugin | Twiki | * | * |
References
- http://marc.info/?l=bugtraq\u0026m=110918725225288\u0026w=2
- http://secunia.com/advisories/14384
- http://static.enyo.de/fw/patches/twiki/imagegallery-robustness-20041128.diff
- http://www.enyo.de/fw/security/notes/twiki-robustness.html
- http://marc.info/?l=bugtraq\u0026m=110918725225288\u0026w=2
- http://secunia.com/advisories/14384
- http://static.enyo.de/fw/patches/twiki/imagegallery-robustness-20041128.diff
- http://www.enyo.de/fw/security/notes/twiki-robustness.html