Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
1 vulnerability by revive-sas
CVE-2019-5434 (GCVE-0-2019-5434)
Vulnerability from cvelistv5 – Published: 2019-05-06 16:53 – Updated: 2024-08-04 19:54
VLAI
KEVIntel
Summary
An attacker could send a specifically crafted payload to the XML-RPC invocation script and trigger the unserialize() call on the "what" parameter in the "openads.spc" RPC method. Such vulnerability could be used to perform various types of attacks, e.g. exploit serialize-related PHP vulnerabilities or PHP object injection. It is possible, although unconfirmed, that the vulnerability has been used by some attackers in order to gain access to some Revive Adserver instances and deliver malware through them to third party websites. This vulnerability was addressed in version 4.2.0.
Severity
No CVSS data available.
CWE
- CWE-502 - Deserialization of Untrusted Data (CWE-502)
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://hackerone.com/reports/512076 | x_refsource_MISC |
| https://hackerone.com/reports/542670 | x_refsource_MISC |
| https://www.revive-adserver.com/security/revive-s… | x_refsource_MISC |
| http://packetstormsecurity.com/files/155559/Reviv… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Revive Adserver |
Affected:
Fixed version v4.2.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/512076"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/542670"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.revive-adserver.com/security/revive-sa-2019-001/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155559/Revive-Adserver-4.2-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revive Adserver",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed version v4.2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An attacker could send a specifically crafted payload to the XML-RPC invocation script and trigger the unserialize() call on the \"what\" parameter in the \"openads.spc\" RPC method. Such vulnerability could be used to perform various types of attacks, e.g. exploit serialize-related PHP vulnerabilities or PHP object injection. It is possible, although unconfirmed, that the vulnerability has been used by some attackers in order to gain access to some Revive Adserver instances and deliver malware through them to third party websites. This vulnerability was addressed in version 4.2.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "Deserialization of Untrusted Data (CWE-502)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-05T00:06:15.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/512076"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/542670"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.revive-adserver.com/security/revive-sa-2019-001/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155559/Revive-Adserver-4.2-Remote-Code-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2019-5434",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Revive Adserver",
"version": {
"version_data": [
{
"version_value": "Fixed version v4.2.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An attacker could send a specifically crafted payload to the XML-RPC invocation script and trigger the unserialize() call on the \"what\" parameter in the \"openads.spc\" RPC method. Such vulnerability could be used to perform various types of attacks, e.g. exploit serialize-related PHP vulnerabilities or PHP object injection. It is possible, although unconfirmed, that the vulnerability has been used by some attackers in order to gain access to some Revive Adserver instances and deliver malware through them to third party websites. This vulnerability was addressed in version 4.2.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Deserialization of Untrusted Data (CWE-502)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/512076",
"refsource": "MISC",
"url": "https://hackerone.com/reports/512076"
},
{
"name": "https://hackerone.com/reports/542670",
"refsource": "MISC",
"url": "https://hackerone.com/reports/542670"
},
{
"name": "https://www.revive-adserver.com/security/revive-sa-2019-001/",
"refsource": "MISC",
"url": "https://www.revive-adserver.com/security/revive-sa-2019-001/"
},
{
"name": "http://packetstormsecurity.com/files/155559/Revive-Adserver-4.2-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155559/Revive-Adserver-4.2-Remote-Code-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2019-5434",
"datePublished": "2019-05-06T16:53:33.000Z",
"dateReserved": "2019-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T19:54:53.553Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}