Intrusion Prevention

VBSEO.Remote.Code.Execution

Description

This indicates an attack attempt against a remote Code Execution vulnerability in vBSEO.
This issue is caused by an error when vBSEO handles malicious php request. It may allow remote attackers inject arbitrary code by sending a crafted php request.

Affected Products

vBSEO 3.5.0, 3.5.1, 3.5.2

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's web site for suggested workaround.
http://www.vbseo.com/f5/vbseo-security-bulletin-all-supported-versions-patch-release-52783/

CVE References

CVE-2012-5223