Intrusion Prevention

WordPress.Foxypress.Plugin.Uploadify.Arbitrary.File.Upload

Description

This indicates an attack attempt against an Arbitrary File Upload vulnerability in The Foxypress plug-in for WordPress.
The vulnerability is caused by an error when the vulnerable software handles a malicious HTTP request with a crafted URI. It allows a remote attacker to upload an arbitrary file via sending a crafted URI to a vulnerable application.

Affected Products

WordPress Foxypress 0.4.2.1
WordPress Foxypress 0.4.1.1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to the latest version, available from the Web site.
http://wordpress.org/extend/plugins/foxypress/