1
frankblack
Possible security leak in ibrowser and imanager for tinyeditor
  • 2007/1/16 20:42

  • frankblack

  • Just can't stay away

  • Posts: 830

  • Since: 2005/6/13


A user reported a possible vulnerability in ibrowser and imanager through the use of phpThumb. The phpThumb version used in these plugin were a bit older, but much younger than the latest security report on phpThumb. imanager and ibrowser are now using phpThumb 1.76.

For those already using ibrowser or imanager: just remove the old folder phpThumb within imanager or ibrowser (with subfolders) and upload the new one.

I wasn't able to reproduce the bug and did not found new security leaks, but I wanted to be sure, so this is why I was taken action.

Don't forget to set chmods as described in the documentation.

phpThumb patch can be found HERE

Repacked ibrowser can be found HERE

Repacked imanager can be found HERE

Sorry for the inconvenience!

Login

Who's Online

421 user(s) are online (331 user(s) are browsing Support Forums)


Members: 0


Guests: 421


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits