Description
A vulnerability was reported in the TCPDF library.
A remote attacker can exploit it with a specific payload that triggers the "__destruct()" method of the Tcpdf class (defined in tcpdf.php) in order to delete arbitrary files on the system.
This vulnerability is exploitable if the application using the library uses the "unserialize()" function on user input that is not sanitized, at a point from which the Tcpdf class is loadable.
A proof of concept is available.
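
The condition described above (user input reaching "unserialize()" where the Tcpdf class is loadable) can be watched for in request logs. The following Python code is an added example, not part of the advisory or of the TCPDF project: it flags query parameters that carry a serialized PHP object naming the class, either raw or base64-encoded. The sample URLs, parameter names and the watched-class set are constructed assumptions.

```python
import base64
import binascii
import re
from urllib.parse import parse_qsl, quote, urlsplit

# PHP serialize() object token: O:<name length>:"<ClassName>":<property count>:{
# ("C:" is the variant used by classes implementing Serializable).
OBJECT_TOKEN = re.compile(r'[OC]:(\d+):"([A-Za-z_\\][A-Za-z0-9_\\]*)":\d+:\{')
WATCHED = {"tcpdf"}  # PHP class names are case-insensitive, so compare lower-cased

def candidate_decodings(value):
    """Yield the raw value and, when it is valid base64, the decoded text."""
    yield value
    try:
        yield base64.b64decode(value, validate=True).decode("utf-8", "replace")
    except (binascii.Error, ValueError):
        pass

def serialized_classes(value):
    """Return the lower-cased class names of serialized PHP objects in value."""
    found = set()
    for text in candidate_decodings(value):
        for length, name in OBJECT_TOKEN.findall(text):
            if int(length) == len(name):  # declared length must match the name
                found.add(name.lower())
    return found

def scan_url(url):
    """Map each query parameter carrying a serialized object to its findings."""
    hits = {}
    for key, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        classes = serialized_classes(value)
        if classes:
            hits[key] = {"classes": sorted(classes), "watched": bool(classes & WATCHED)}
    return hits

# Constructed sample requests (empty objects only, no properties).
EMPTY_OBJECT = 'O:5:"TCPDF":0:{}'
SAMPLES = [
    "/report.php?prefs=" + quote(EMPTY_OBJECT),
    "/report.php?state=" + quote(base64.b64encode(EMPTY_OBJECT.encode()).decode()),
    "/report.php?prefs=" + quote('a:1:{s:4:"lang";s:2:"en";}'),
    "/report.php?obj=" + quote('O:8:"stdClass":0:{}'),
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", scan_url(sample))
```

A hit shows that a serialized object was submitted in a request, not that the application passes that parameter to "unserialize()".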
Vulnerable Products
Vulnerable Software: TCPDF (TCPDF) - 5.9
Solution
No solution for the moment.
CVE
References
- Intelligentexploit: TCPDF library Universal POI Payload to Arbitrary File Deletion
http://www.intelligentexploit.com/view-details.html?id=21396
Vulnerability Manager Detection
No
IPS Protection