Invision Power Board <= 3.3.4 (core.php) PHP Object Injection Vulnerability

Description:

Invision Power Board contains a flaw related to the IPSCookie::get() method defined in the admin/sources/base/core.php script. User input passed through cookies is not properly sanitized before being used in a call to the unserialize() function. With a specially crafted serialized object a remote attacker might be able to create a file containing arbitrary PHP code abusing the __destruct() method of the dbMain class.

References:

• CVE-2012-5692
• BID-56288
• EDB-22398

Disclosure Date:

November 1, 2012