We have just released the July 2014 update for the new version of Trustwave Web Application Firewall, version 7.0.
|Open Flash Chart: Code Execution vulnerability in ofc_upload_image.php (CVE-2009-4140)||7.0/4.31||Open Flash Chart is prone to a vulnerability that allows remote attackers to execute arbitrary code by uploading executable files to the server.|
File Upload Vulnerability in Open Flash Charts (CVE-2009-4140)
Earlier this year, SpiderLabs issued a Honeypot alert warning about an increase in exploitation attempts of a file upload vulnerability in Open Flash Charts (CVE-2009-4140). Attackers can exploit this vulnerability to execute code on the server, and potentially gain full control over the server and the application.
Note that such attack attempts were already detected using WebDefend generic security rules for detection of file uploads and payload obfuscation. Since the increase of scanning and exploitation efforts continues as indicated by the Web Honeypots logs and research sites, we are releasing an online update to better classify, detect and block such malicious activity.
How to Update
Appliances running version 7.0 of Trustwave Web Application Firewall and are subscribed to the online update feature will be updated automatically.
Note that even if blocking actions are defined for a protected site, simulation mode for this rule is ON by default, so that site managers can inspect the impact of new rules before actual blocking takes place.