Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1785

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2012-1785
Last Modified 20 Mar 2012 12:00:00
Published 19 Mar 2012 02:55:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-1785

Summary

kg_callffmpeg.php in the Video Embed & Thumbnail Generator plugin before 2.0 for WordPress allows remote attackers to execute arbitrary commands via unspecified vectors.

Vulnerable Systems

Application

  • Kylegilman Video Embed %26 Thumbnail Generator 0.2

  • Kylegilman Video Embed %26 Thumbnail Generator 0.2.1

  • Kylegilman Video Embed %26 Thumbnail Generator 1.0

  • Kylegilman Video Embed %26 Thumbnail Generator 1.0.1

  • Kylegilman Video Embed %26 Thumbnail Generator 1.0.2

  • Kylegilman Video Embed %26 Thumbnail Generator 1.0.3

  • Kylegilman Video Embed %26 Thumbnail Generator 1.0.4

  • Kylegilman Video Embed %26 Thumbnail Generator 1.0.5

  • Kylegilman Video Embed %26 Thumbnail Generator 1.1


References

XF - videoembed-kgcallffmpeg-code-execution(73508)

BID - 52180

CONFIRM - http://wordpress.org/extend/plugins/video-embed-thumbnail-generator/changelog/

SECUNIA - 48087

CONFIRM - http://plugins.trac.wordpress.org/changeset?old_path=%2Fvideo-embed-thumbnail-generator&old=507924&new_path=%2Fvideo-embed-thumbnail-generator&new=507924


Last Updated: 27 May 2016 10:49:34