TimThumb Plugin Remote Code Execution
Gravité: : Critique
Date du conseil: 21 juillet 2015
Description
This rule is a heuristic based rule to detect malicious php code embedded within gif, jpg and png image files. An attacker may use maliciously crafted image file to do remote code execution and take control of the victim's host machine.
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1004880
Trend Micro Deep Security DPI Rule Name: 1004880 - Identified Suspicious Image File With Embedded PHP Code
Affected software and version:
- Microsoft Windows
- PHP