Copy
HostingSecList - Security notices for the hosting community.

Wordpress TimThumb 2.8.13

Urgent Action Required

We have been made aware of an active zero day exploit in Wordpress TimThumb 2.8.13.
There is no known work around at this time outside of disabling the webshot function in timthumb.

* If you remember the last timthumb exploit, it was a big issue *

http://seclists.org/fulldisclosure/2014/Jun/117
https://code.google.com/p/timthumb/issues/detail?id=485&thanks=485&ts=1403690188
Our mailing address is:
RACK911 Labs
1110 Palms Airport Drive
Suite 110
Las Vegas, NV 89119

Add us to your address book


Copyright © 2014 RACK911 Labs, All rights reserved.
Email Marketing Powered by Mailchimp