Description
This signature detects and blocks attempts to exploit a remote code execution vulnerability in TimThumb. TimThumb does not properly check the remote files it caches. By crafting an image file with a valid MIME type and appending a PHP file to the end of it, it is possible to fool TimThumb into treating the file as a legitimate image and caching it locally in the cache directory.
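A defender-side check for the file shape described above, as an added example that is not TimThumb's or the signature vendor's code: it flags data that starts with an image magic number but contains a PHP open tag or, for PNG, does not end at the IEND chunk. The function names, the magic-number list and the sample bytes are assumptions constructed for illustration.

```python
import re
import struct
import zlib

# Magic numbers for common web image types (illustrative list, not TimThumb's own).
MAGIC = {b"\x89PNG\r\n\x1a\n": "png", b"GIF87a": "gif",
         b"GIF89a": "gif", b"\xff\xd8\xff": "jpeg"}
# PHP open tags: "<?php" (any case) and the short echo tag "<?=".
PHP_TAG = re.compile(rb"<\?(php|=)", re.IGNORECASE)

def image_type(data):
    """Return the image type implied by the leading magic bytes, or None."""
    for magic, name in MAGIC.items():
        if data.startswith(magic):
            return name
    return None

def png_ends_at_iend(data):
    """Walk the PNG chunk list; True only if IEND is the last thing in the file."""
    pos = 8  # skip the 8-byte signature
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        pos += 12 + length  # length + type + body + CRC
        if ctype == b"IEND":
            return pos == len(data)
    return False

def classify(data):
    """Classify a candidate cache file before it is stored or served."""
    kind = image_type(data)
    if kind is None:
        return "not-image"
    if PHP_TAG.search(data):
        return "embedded-php"
    if kind == "png" and not png_ends_at_iend(data):
        return "bad-structure"
    return "clean"

def _chunk(ctype, body):
    """Build one PNG chunk with a correct CRC (used only for the sample below)."""
    return (struct.pack(">I", len(body)) + ctype + body
            + struct.pack(">I", zlib.crc32(ctype + body)))

# Constructed sample: a valid 1x1 grayscale PNG, built inline so this runs offline.
SAMPLE_PNG = (b"\x89PNG\r\n\x1a\n"
              + _chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
              + _chunk(b"IDAT", zlib.compress(b"\x00\x00"))
              + _chunk(b"IEND", b""))
# Constructed sample: the same PNG with an inert PHP comment appended.
SAMPLE_POLYGLOT = SAMPLE_PNG + b"<?php /* constructed marker */ ?>"
```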