HTTP: WordPress Cookie Injection
This signature detects a command injection that affect the WordPress <= 1.5.1.3 application. This injection can lead to arbitrary remote command execution within the context of the web server. This vulnerability is actively being exploited and steps should be taken to install patches on affected machines.
Extended Description
Successful exploitation of this vulnerability may allow remote attackers to inject and execute arbitrary code on a victim server in the context of the host web site.
Short Name
HTTP:PHP:WORDPRESS-COOKIE-INJ
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2005-2612 Cookie Injection WordPress bid:14533
Release Date
08/31/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
CVSS Score
7.5