Pierre-Luc, posted May 3, 2016:
Major vulnerability, doesn't seem to have a patch yet. http://arstechnica.com/security/2016/05/easily-exploited-bug-exposes-huge-number-of-sites-to-code-execution-attacks/
Pierre-Luc, posted May 3, 2016:
Also this page tracks the problem and will eventually contain patches: https://imagetragick.com
horst, posted May 4, 2016 (edited May 4, 2016 by horst):
We already check for correct file types (image formats) before processing images. We use PHP's function getimagesize(), which internally uses this magic-byte check for format detection, I assume. But will check this further.
EDIT: Yes they do:
https://github.com/php/php-src/blob/1c295d4a9ac78fcc2f77d6695987598bb7abcb83/ext/standard/image.c#L41
https://github.com/php/php-src/blob/1c295d4a9ac78fcc2f77d6695987598bb7abcb83/ext/standard/image.c#L1246
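
The kind of pre-processing check described in the post above, as an added example that is not from the forum posts or the project's own code: it accepts an upload only when the type detected from its signature bytes is on an allowlist and agrees with the claimed extension. The function name `detectAllowedImage()`, the allowlist and the sample file names are assumptions, and the sample inputs are constructed.

```php
<?php
// Added example; detectAllowedImage() and the sample names are hypothetical.

const ALLOWED_TYPES = [IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG];

// Returns the detected IMAGETYPE_* value, or null when the bytes are not an
// allowed raster format or do not match the extension the upload claims.
function detectAllowedImage(string $bytes, string $filename): ?int
{
    // getimagesizefromstring() identifies the format from the leading
    // signature bytes, not from the file name.
    $info = @getimagesizefromstring($bytes);
    if ($info === false) {
        return null;
    }
    [$width, $height, $type] = $info;
    if (!in_array($type, ALLOWED_TYPES, true) || $width < 1 || $height < 1) {
        return null;
    }
    $claimed = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    if ($claimed === 'jpg') {
        $claimed = 'jpeg';
    }
    // image_type_to_extension(..., false) yields "gif", "jpeg" or "png".
    return $claimed === image_type_to_extension($type, false) ? $type : null;
}

// Constructed samples: a 1x1 GIF, and plain text that is not an image.
$gif  = base64_decode('R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7');
$text = "this is not an image\n";

$uploads = [
    'pixel.gif'  => $gif,   // real GIF, matching extension
    'pixel.png'  => $gif,   // real GIF, wrong extension
    'avatar.jpg' => $text,  // text file renamed to look like a JPEG
];

foreach ($uploads as $name => $bytes) {
    $type = detectAllowedImage($bytes, $name);
    echo $name, ': ', $type === null ? 'rejected' : 'accepted as ' . image_type_to_mime_type($type), PHP_EOL;
}
```

Only files that pass this check would be handed on to the image library; everything else is rejected before any processing starts.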
DaveP, posted May 4, 2016:
Interesting discussion here.
DaveP, posted May 9, 2016:
And some actual payloads analysed here.