[Git][security-tracker-team/security-tracker][master] Add notes for CVE-2019-8943/wordpress

Salvatore Bonaccorso carnil at debian.org
Sat Apr 13 07:43:30 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b00de0d4 by Salvatore Bonaccorso at 2019-04-13T06:43:10Z
Add notes for CVE-2019-8943/wordpress

The path traversal issue itself is still open, although it can no longer be
taken advantage of, as the remote code execution angle is already covered by
the libgd2 update issues.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6365,7 +6365,10 @@ CVE-2019-8944 (An Information Exposure issue in the Terraform deployment step in
 CVE-2019-8943 (WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An a ...)
 	- wordpress <undetermined> (bug #923583)
 	NOTE: https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/
-	NOTE: The code execution angle is fixed via gd security, details on the rest are murky
+	NOTE: The code execution angle is fixed via gd security, details on the rest are murky.
+	NOTE: This CVE is explicitly for the mentioned Path Traversal in wp_crop_image().
+	NOTE: https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/#path-traversal-via-modified-post-meta
+	NOTE: https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/#exploiting-the-path-traversal-lfi-in-theme-directory
 CVE-2019-8942 (WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code executi ...)
 	{DSA-4401-1 DLA-1742-1}
 	- wordpress 5.0.1+dfsg1-1
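
Review bot: The CVE-2019-8943 entry keeps `- wordpress <undetermined>` although the commit message says the path traversal itself is still open; if the package is known to be affected, the status line should say so (`<unfixed>`), or a NOTE should record why it stays undetermined. The reworded first NOTE still ends in "details on the rest are murky.", which sits oddly next to the new line that pins this CVE to the path traversal in wp_crop_image(); consider replacing that clause with the rationale from the commit message (code execution angle covered by the libgd2 update, path traversal itself not fixed) and naming the gd advisory it refers to. The two new URL NOTEs are anchors into the blog post already linked in the unchanged NOTE above, so that bare link is now redundant.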



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b00de0d43d34cdfabe84916aba65e84a5e80aef1
