Vigilance Computer Vulnerability Alerts watches public vulnerabilities impacting your computers, describes security patches, and then alerts you to fix them.

Vulnerability of Dotclear: file upload via swfupload.swf

Synthesis of the vulnerability 

When swfupload.swf is installed with Dotclear, an attacker can use it to upload a PHP file, in order to execute PHP code on the web server.
Vulnerable systems: Dotclear.
Severity of this threat: 1/4.
Creation date: 28/02/2012.
References of this weakness: BID-52173, CVE-2011-5083, VIGILANCE-VUL-11396.

Description of the vulnerability 

The source code of Dotclear contains three Flash applications: player_flv.swf, player_mp3.swf and swfupload.swf.

The swfupload.swf application comes from the SWFUpload library, which is composed of JavaScript/Flash. It is used to create a web interface to upload a file. However, SWFUpload does not limit the type of files which can be uploaded.

When swfupload.swf is installed with Dotclear, an attacker can therefore use it to upload a PHP file, in order to execute PHP code on the web server.
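The weakness described above is the absence of server-side file-type control: the client-side Flash/JavaScript component decides nothing of security value, so the server must enforce an allow-list itself. The following is an added example (not Dotclear or SWFUpload code) of such a check, written in Python for illustration; the allowed types, magic bytes and naming scheme are assumptions chosen for the example. It rejects a PHP file by extension, rejects a double extension such as `shell.php.jpg` (which some Apache handler configurations would still execute), and rejects content whose magic bytes do not match the declared type.

```python
"""
Server-side upload validation, added as an illustrative example.
Not Dotclear's or SWFUpload's code: the allow-list, magic bytes and
storage naming are assumptions for the demonstration.
"""
import os
import secrets

# Assumption: the application only needs these image types.
ALLOWED_EXTENSIONS = {"jpg", "jpeg", "png", "gif"}

# Leading bytes expected for each allowed type; the extension alone is not trusted.
MAGIC = {
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
}

PHP_TAGS = (b"<?php", b"<?=")


class UploadRejected(Exception):
    """Raised when an upload fails validation."""


def validate_upload(filename: str, data: bytes) -> str:
    """Validate a client-supplied filename and content.

    Returns a server-chosen storage name on success, raises UploadRejected otherwise.
    The returned name carries only the validated extension, so the client name
    never reaches the filesystem.
    """
    base = os.path.basename(filename.replace("\\", "/"))  # drop any path component
    if not base or base.startswith("."):
        raise UploadRejected("empty or hidden filename")

    parts = base.lower().split(".")
    if len(parts) < 2 or not parts[-1]:
        raise UploadRejected("no extension")

    # Every segment after the first must be allowed. This rejects shell.php and
    # shell.php.jpg alike, since a .php segment may be handled as PHP.
    for seg in parts[1:]:
        if seg not in ALLOWED_EXTENSIONS:
            raise UploadRejected(f"extension '.{seg}' not allowed")

    ext = parts[-1]
    if not any(data.startswith(m) for m in MAGIC[ext]):
        raise UploadRejected("content does not match declared type")

    # A valid image header does not prove the file is harmless: refuse files that
    # also carry a PHP open tag (a common image/PHP polyglot pattern).
    if any(tag in data for tag in PHP_TAGS):
        raise UploadRejected("PHP tag found in file content")

    return f"{secrets.token_hex(8)}.{ext}"


if __name__ == "__main__":
    # Constructed sample inputs.
    samples = [
        ("photo.jpg", b"\xff\xd8\xff\xe0" + b"\0" * 16),
        ("shell.php", b"<?php echo 1; ?>"),
        ("shell.php.jpg", b"\xff\xd8\xff\xe0" + b"\0" * 16),
        ("photo.jpg", b"GIF89a" + b"\0" * 16),
    ]
    for name, content in samples:
        try:
            print(name, "->", validate_upload(name, content))
        except UploadRejected as exc:
            print(name, "-> rejected:", exc)
```

The storage name is generated by the server, and the directory that receives the files should sit outside the document root or be served with script execution disabled; both measures limit the damage if a validation check is ever bypassed.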


This vulnerability alert impacts software or systems such as Dotclear.

The Vigilance Computer Vulnerability Alerts team rated the severity of this vulnerability as low.

The trust level is "confirmed by the vendor"; the attack origin is an internet client.

A proof of concept or an attack tool is available, so this alert must be processed. An attacker with technician-level skill can exploit this vulnerability.

Solutions for this threat 

Dotclear: workaround for swfupload.swf.
A workaround is to remove the file inc/swf/swfupload.swf.
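Applying the workaround is one step; confirming it, and checking whether a server-executable file was already placed in the media directory before the uploader was removed, is the check a defender will want next. The following audit helper is an added example and not Dotclear's own code. The path `inc/swf/swfupload.swf` comes from the bulletin; the media directory name (`public`), the list of executable extensions and the fake install layout are assumptions constructed for the demonstration.

```python
"""
Audit helper, added as an example (not Dotclear code): verify that
inc/swf/swfupload.swf has been removed from a Dotclear install and look for
server-executable files in the media directory.
Assumptions: media directory is "public"; the extension list matches a typical
PHP web server configuration.
"""
import tempfile
from pathlib import Path

SWFUPLOAD_RELPATH = Path("inc") / "swf" / "swfupload.swf"  # path from the bulletin
EXECUTABLE_EXTS = {".php", ".phtml", ".php3", ".php4", ".php5", ".phar"}  # assumption
PHP_TAGS = (b"<?php", b"<?=")


def workaround_applied(root) -> bool:
    """True when the vulnerable uploader file is absent."""
    return not (Path(root) / SWFUPLOAD_RELPATH).exists()


def suspicious_uploads(root, media_dir="public"):
    """Return sorted (relative_path, [reasons]) for files that should not be in the media dir."""
    findings = []
    base = Path(root) / media_dir
    if not base.is_dir():
        return findings
    for p in base.rglob("*"):
        if not p.is_file():
            continue
        name = p.name.lower()
        reasons = []
        # Catches both x.php and double extensions such as pic.php.jpg.
        if any(name.endswith(e) or (e + ".") in name for e in EXECUTABLE_EXTS):
            reasons.append("executable extension")
        if name == ".htaccess":
            reasons.append("htaccess in media dir")
        try:
            head = p.read_bytes()[:65536]
        except OSError:
            continue
        if any(t in head for t in PHP_TAGS):
            reasons.append("php tag in content")
        if reasons:
            findings.append((str(p.relative_to(root)), reasons))
    return sorted(findings)


def build_demo_install(root):
    """Constructed fake install layout for the demonstration (not real data)."""
    root = Path(root)
    (root / "inc" / "swf").mkdir(parents=True)
    (root / "inc" / "swf" / "swfupload.swf").write_bytes(b"FWS\x08" + b"\0" * 16)
    media = root / "public"
    media.mkdir()
    (media / "photo.jpg").write_bytes(b"\xff\xd8\xff\xe0" + b"\0" * 32)          # benign
    (media / "x.php").write_bytes(b"<?php echo 'constructed sample'; ?>")       # dropped script
    (media / "pic.php.jpg").write_bytes(b"\xff\xd8\xff\xe0" + b"\0" * 32)        # double extension
    (media / "logo.png").write_bytes(b"\x89PNG\r\n\x1a\n" + b"<?php ?>")          # polyglot


def run_demo() -> dict:
    """Build the fake install, audit it, apply the workaround, audit again."""
    with tempfile.TemporaryDirectory() as d:
        build_demo_install(d)
        before = workaround_applied(d)
        findings = suspicious_uploads(d)
        (Path(d) / SWFUPLOAD_RELPATH).unlink()  # the bulletin's workaround
        after = workaround_applied(d)
    return {"before": before, "after": after, "findings": findings}


if __name__ == "__main__":
    result = run_demo()
    print("workaround applied before removal:", result["before"])
    for path, reasons in result["findings"]:
        print(path, "->", ", ".join(reasons))
    print("workaround applied after removal:", result["after"])
```

Point `workaround_applied` and `suspicious_uploads` at a real install root to run the same checks; any finding in the media directory should be treated as a possible sign that the uploader was already abused, not merely as a configuration issue.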

