Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 9.0
CVE Id CVE-2008-4687
Last Modified 19 Aug 2009 01:20:31
Published 22 Oct 2008 02:00:01
Confidentiality Impact COMPLETE
Integrity Impact COMPLETE
Availability Impact COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-4687

Summary

manage_proj_page.php in Mantis before 1.1.4 allows remote authenticated users to execute arbitrary code via a sort parameter containing PHP sequences, which are processed by create_function within the multi_sort function in core/utility_api.php.

Vulnerable Systems

Application

  • Mantis 0.19.3

  • Mantis 0.19.4

  • Mantis 1.0.1

  • Mantis 1.0.2

  • Mantis 1.0.3

  • Mantis 1.0.4

  • Mantis 1.0.5

  • Mantis 1.0.6

  • Mantis 1.0.7

  • Mantis 1.0.8

  • Mantis 1.1.1

  • Mantis 1.1.2

  • Mantis 1.1.3


References

CONFIRM - https://bugs.gentoo.org/show_bug.cgi?id=242722

XF - mantis-sort-code-execution(45942)

BID - 31789

MLIST - [oss-security] 20081019 CVE request: mantisbt < 1.1.4: RCE

MILW0RM - 6768

CONFIRM - http://www.mantisbt.org/bugs/view.php?id=0009704

CONFIRM - http://www.mantisbt.org/bugs/changelog_page.php

GENTOO - GLSA-200812-07

SREASON - 4470

SECUNIA - 32975

SECUNIA - 32314

CONFIRM - http://mantisbt.svn.sourceforge.net/viewvc/mantisbt/branches/BRANCH_1_1_0/mantisbt/core/utility_api.php?r1=5679&r2=5678&pathrev=5679


Last Updated: 27 May 2016 10:48:35