CVE-2009-0677

avatarlist.php in the Your Account module, reached through modules.php, in Raven Web Services RavenNuke 2.30 allows remote authenticated users to execute arbitrary code via PHP sequences in an element of the replacements array, which is processed by the preg_replace function with the eval switch, as specified in an element of the patterns array.

CVSS v2.0 6.5 MEDIUM

6.5^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 8.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.osvdb.org/52007
http://secunia.com/advisories/33928	Vendor Advisory
http://www.waraxe.us/advisory-72.html
http://ravenphpscripts.com/postt17156.html&sid=12d1201371612260a42fa846ebce7bad	Vendor Advisory
http://www.securityfocus.com/bid/33787
https://exchange.xforce.ibmcloud.com/vulnerabilities/48789
https://www.exploit-db.com/exploits/8068
http://www.securityfocus.com/archive/1/500988/100/0/threaded

Advertisement

Configurations

Configuration 1 (hide)

cpe:2.3:a:ravenphpscripts:ravennuke:2.30:*:*:*:*:*:*:*

Information

Published : 2009-02-22 14:30

Updated : 2018-10-10 12:30

NVD link : CVE-2009-0677

Mitre link : CVE-2009-0677

JSON object : View

CWE

CWE-94

Improper Control of Generation of Code ('Code Injection')

Advertisement

Products Affected

ravenphpscripts

ravennuke

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.osvdb.org/52007", "name": "52007", "tags": [], "refsource": "OSVDB"}, {"url": "http://secunia.com/advisories/33928", "name": "33928", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.waraxe.us/advisory-72.html", "name": "http://www.waraxe.us/advisory-72.html", "tags": [], "refsource": "MISC"}, {"url": "http://ravenphpscripts.com/postt17156.html&sid=12d1201371612260a42fa846ebce7bad", "name": "http://ravenphpscripts.com/postt17156.html&sid=12d1201371612260a42fa846ebce7bad", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/33787", "name": "33787", "tags": [], "refsource": "BID"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48789", "name": "ravennuke-avatarlist-code-execution(48789)", "tags": [], "refsource": "XF"}, {"url": "https://www.exploit-db.com/exploits/8068", "name": "8068", "tags": [], "refsource": "EXPLOIT-DB"}, {"url": "http://www.securityfocus.com/archive/1/500988/100/0/threaded", "name": "20090216 [waraxe-2009-SA#072] - Multiple Vulnerabilities in RavenNuke 2.3.0", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "avatarlist.php in the Your Account module, reached through modules.php, in Raven Web Services RavenNuke 2.30 allows remote authenticated users to execute arbitrary code via PHP sequences in an element of the replacements array, which is processed by the preg_replace function with the eval switch, as specified in an element of the patterns array."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-94"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2009-0677", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}}, "publishedDate": "2009-02-22T22:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:ravenphpscripts:ravennuke:2.30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-10T19:30Z"}