Lucene search
HistoryMay 27, 2014 - 3:00 p.m.
CVE-2013-2225
cve-2013-2225
glpi
remote code execution
unserialize
php
nvd
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
7.4 High
AI Score
Confidence
High
0.174 Low
EPSS
Percentile
96.1%
inc/ticket.class.php in GLPI 0.83.9 and earlier allows remote attackers to unserialize arbitrary PHP objects via the _predefined_fields parameter to front/ticket.form.php.
Affected configurations
Node
glpi-projectglpiRange≤0.83.9
ORglpi-projectglpiMatch0.5
ORglpi-projectglpiMatch0.5rc1
ORglpi-projectglpiMatch0.5rc2
ORglpi-projectglpiMatch0.6
ORglpi-projectglpiMatch0.6rc1
ORglpi-projectglpiMatch0.6rc2
ORglpi-projectglpiMatch0.6rc3
ORglpi-projectglpiMatch0.20
ORglpi-projectglpiMatch0.21
ORglpi-projectglpiMatch0.30
ORglpi-projectglpiMatch0.31
ORglpi-projectglpiMatch0.40
ORglpi-projectglpiMatch0.41
ORglpi-projectglpiMatch0.42
ORglpi-projectglpiMatch0.51
ORglpi-projectglpiMatch0.51a
ORglpi-projectglpiMatch0.65
ORglpi-projectglpiMatch0.65rc1
ORglpi-projectglpiMatch0.65rc2
ORglpi-projectglpiMatch0.68
ORglpi-projectglpiMatch0.68rc1
ORglpi-projectglpiMatch0.68rc2
ORglpi-projectglpiMatch0.68rc3
ORglpi-projectglpiMatch0.68.1
ORglpi-projectglpiMatch0.68.2
ORglpi-projectglpiMatch0.68.3
ORglpi-projectglpiMatch0.70
ORglpi-projectglpiMatch0.70rc1
ORglpi-projectglpiMatch0.70rc2
ORglpi-projectglpiMatch0.70rc3
ORglpi-projectglpiMatch0.70.1
ORglpi-projectglpiMatch0.70.2
ORglpi-projectglpiMatch0.71
ORglpi-projectglpiMatch0.71.1
ORglpi-projectglpiMatch0.71.1rc1
ORglpi-projectglpiMatch0.71.1rc2
ORglpi-projectglpiMatch0.71.1rc3
ORglpi-projectglpiMatch0.71.2
ORglpi-projectglpiMatch0.71.3
ORglpi-projectglpiMatch0.71.4
ORglpi-projectglpiMatch0.71.5
ORglpi-projectglpiMatch0.71.6
ORglpi-projectglpiMatch0.72
ORglpi-projectglpiMatch0.72rc1
ORglpi-projectglpiMatch0.72rc2
ORglpi-projectglpiMatch0.72rc3
ORglpi-projectglpiMatch0.72.1
ORglpi-projectglpiMatch0.72.2
ORglpi-projectglpiMatch0.72.3
ORglpi-projectglpiMatch0.72.4
ORglpi-projectglpiMatch0.78
ORglpi-projectglpiMatch0.78.1
ORglpi-projectglpiMatch0.78.2
ORglpi-projectglpiMatch0.78.3
ORglpi-projectglpiMatch0.78.4
ORglpi-projectglpiMatch0.78.5
ORglpi-projectglpiMatch0.80
ORglpi-projectglpiMatch0.80.1
ORglpi-projectglpiMatch0.80.2
ORglpi-projectglpiMatch0.80.3
ORglpi-projectglpiMatch0.80.4
ORglpi-projectglpiMatch0.80.5
ORglpi-projectglpiMatch0.80.6
ORglpi-projectglpiMatch0.80.7
ORglpi-projectglpiMatch0.80.61
ORglpi-projectglpiMatch0.83
ORglpi-projectglpiMatch0.83.1
ORglpi-projectglpiMatch0.83.2
ORglpi-projectglpiMatch0.83.3
ORglpi-projectglpiMatch0.83.4
ORglpi-projectglpiMatch0.83.5
ORglpi-projectglpiMatch0.83.6
ORglpi-projectglpiMatch0.83.7
ORglpi-projectglpiMatch0.83.8
ORglpi-projectglpiMatch0.83.31
Related
packetstorm
packetstorm
GLPI 0.83.9 Code Execution
2013-07-01 00:00:00
ubuntucve
ubuntucve
CVE-2013-2225
2014-05-27 00:00:00
prion
prion
Code injection
2014-05-27 14:55:00
cvelist
cvelist
CVE-2013-2225
2014-05-27 15:00:00
nvd
nvd
CVE-2013-2225
2014-05-27 14:55:09
altlinux
altlinux
Security fix for the ALT Linux 9 package glpi version 0.83.9.1-alt1
2013-07-21 00:00:00
Security fix for the ALT Linux 10 package glpi version 0.83.9.1-alt1
2013-07-21 00:00:00
openvas
openvas
Fedora Update for glpi FEDORA-2013-11315
2013-08-20 00:00:00
Fedora Update for glpi FEDORA-2013-11413
2013-07-05 00:00:00
Fedora Update for glpi FEDORA-2013-11315
2013-08-20 00:00:00
nessus
nessus
Fedora 17 : glpi-0.83.9.1-1.fc17 (2013-11413)
2013-07-12 00:00:00
Fedora 19 : glpi-0.83.9.1-1.fc19 (2013-11315)
2013-07-12 00:00:00
Fedora 18 : glpi-0.83.9.1-1.fc18 (2013-11396)
2013-07-12 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: glpi-0.83.9.1-1.fc19
2013-07-04 00:56:51
[SECURITY] Fedora 18 Update: glpi-0.83.9.1-1.fc18
2013-07-05 02:08:10
[SECURITY] Fedora 17 Update: glpi-0.83.9.1-1.fc17
2013-07-05 02:09:51
mageia
mageia
Updated glpi package fixes security vulnerabilities
2013-09-20 09:36:48
securityvulns
securityvulns
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
7.4 High
AI Score
Confidence
High
0.174 Low
EPSS
Percentile
96.1%
Related for CVE-2013-2225