oss-sec mailing list archives
CVE Request: Parameter Injection in jCryption 3.0
From: David Tomaschik <david () systemoverlord com>
Date: Wed, 18 Jun 2014 06:45:37 -0700
jCryption 3.0 suffers from a parameter injection vulnerability due to passing an attacker-controlled string to PHP's proc_open function. Though the PHP code is not distributed as a library, it is presented as a copy-and-paste server side implementation to match the jQuery module, and sites that have done so, or have left the jcryption.php file on their server, are vulnerable. This vulnerability (at least) allows an attacker to read arbitrary files, including the RSA private key used by jCryption.

jCryption 3.0.1 fixes the issue and is available at http://www.jcryption.org/.

Details are in the advisory on my blog: https://systemoverlord.com/blog/2014/06/18/parameter-injection-in-jcryption/

--
David Tomaschik
OpenPGP: 0x5DEA789B
http://systemoverlord.com
david () systemoverlord com
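The bug class above is argument (parameter) injection rather than shell injection: a value that reaches a child process's command line can be parsed as an option even when shell metacharacters are neutralised. The following is an added illustration, not jCryption's code; the parameter name, the allowlist and the openssl command are assumptions chosen for the example.

```php
<?php
// Added example (not from jCryption): a request parameter that ends up as an
// argument to a command launched via proc_open(). The vulnerable pattern
// interpolated the raw request string into the command.

// Assumed allowlist: the only values the application is willing to pass on.
const ALLOWED_KEY_SIZES = [1024, 2048, 4096];

function validatedKeySize(string $userInput): int {
    // Shape check first: a short run of decimal digits, nothing else, so a
    // leading '-' (option-looking input) or a path can never get through.
    if (!preg_match('/^\d{3,5}$/', $userInput)) {
        throw new InvalidArgumentException('key size must be a plain integer');
    }
    $size = (int) $userInput;
    if (!in_array($size, ALLOWED_KEY_SIZES, true)) {
        throw new InvalidArgumentException('unsupported key size');
    }
    return $size;
}

function runOpensslGenrsa(int $bits): string {
    // escapeshellarg() stops shell metacharacters, but it does not stop the
    // child program from treating a value that starts with '-' as an option;
    // the allowlist above is the real defence, escaping is belt and braces.
    $cmd  = 'openssl genrsa ' . escapeshellarg((string) $bits);
    $spec = [0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w']];
    $proc = proc_open($cmd, $spec, $pipes);
    if (!is_resource($proc)) {
        throw new RuntimeException('could not start openssl');
    }
    fclose($pipes[0]);
    $out = stream_get_contents($pipes[1]);
    $err = stream_get_contents($pipes[2]);
    fclose($pipes[1]);
    fclose($pipes[2]);
    if (proc_close($proc) !== 0) {
        throw new RuntimeException('openssl failed: ' . $err);
    }
    return $out; // PEM-encoded private key
}

// Constructed inputs: only the first is accepted; the rest are rejected
// before any command line is built.
foreach (['2048', '-2048', '2048 extra', '4o96', '../key.pem'] as $input) {
    try {
        echo "accepted: " . validatedKeySize($input) . "\n";
    } catch (InvalidArgumentException $e) {
        echo "rejected '$input': " . $e->getMessage() . "\n";
    }
}
```

The same pattern applies to any proc_open(), exec() or system() call: validate each user-supplied argument against the narrow type it is supposed to be, and only then escape it.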