Secunia Security Advisory - Tatercrispies has reported a vulnerability in vBulletin, which can be exploited by malicious people to conduct script insertion attacks.
8a8927ca964b77d9e5b6e35dbd863e157dbc53ed43cd89da3d44518ce7bee014
TITLE:
vBulletin Image Script Insertion Vulnerability
SECUNIA ADVISORY ID:
SA17359
VERIFY ADVISORY:
http://secunia.com/advisories/17359/
CRITICAL:
Less critical
IMPACT:
Cross Site Scripting
WHERE:
>From remote
SOFTWARE:
vBulletin 3.x
http://secunia.com/product/3212/
vBulletin 2.x
http://secunia.com/product/538/
DESCRIPTION:
Tatercrispies has reported a vulnerability in vBulletin, which can be
exploited by malicious people to conduct script insertion attacks.
The vulnerability is caused due to an input validation error in the
image upload handling. This can exploited to execute arbitrary HTML
and script code in a user's browser session in context of an affected
site by uploading a specially crafted valid image containing embedded
HTML and script code.
This is related to:
SA17295
Successful exploitation requires that the malicious image is accessed
directly in the Microsoft Internet Explorer browser (i.e. not
referenced via an image tag).
It has also been reported by the vendor that certain input isn't
properly verified due to a vulnerability in PHP.
For more information:
SA17371
The vulnerability has been reported in versions 3.5.0, 3.0.6 through
3.0.9, and 2.3.4 through 2.3.7. Prior versions may also be affected.
SOLUTION:
Update to version 3.5.1, 3.0.10, or 2.3.8, or apply patch.
http://www.vbulletin.com/forum/showthread.php?t=161721
PROVIDED AND/OR DISCOVERED BY:
Tatercrispies
OTHER REFERENCES:
SA17295:
http://secunia.com/advisories/17295/
SA17371:
http://secunia.com/advisories/17371/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed