• Bug#1088800: spip: CVE-2024-53619

    From David Prévot@21:1/5 to All on Thu Dec 26 17:50:01 2024
    On Sun, Dec 01, 2024 at 05:30:43PM +0100, Moritz Mühlenhoff wrote:
    Source: spip
    X-Debbugs-CC: team@security.debian.org
    Severity: important
    Tags: security

    Hi,

    The following vulnerability was published for spip.

    CVE-2024-53619[0]:
    | An authenticated arbitrary file upload vulnerability in the
    | Documents module of SPIP v4.3.3 allows attackers to execute
    | arbitrary code via uploading a crafted PDF file.

    It's unclear whether this has been reported/fixed upstream, the
    only reference is: https://grimthereaperteam.medium.com/spip-4-3-3-malicious-file-upload-xss-in-pdf-526c03bb1776

    Upstream considers it invalid because the executed code is sandboxed
    with a limited scope and without access to the website context.

    They pointed me to an article considered relevant to this case. https://textslashplain.com/2024/04/10/browser-security-bugs-that-arent-javascript-in-pdf/

    Regards,

    taffit
