Published: 17/06/2017 Updated: 04/11/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

SPIP 3.1.x prior to 3.1.6 and 3.2.x before Beta 3 does not remove shell metacharacters from the host field, allowing a remote malicious user to cause remote code execution.

Vulnerable Product	Search on Vulmon	Subscribe to Product
spip spip 3.1.4
spip spip 3.1.5
spip spip 3.1.2
spip spip 3.1.3
spip spip 3.1.0
spip spip 3.2
spip spip 3.1.1
spip spip 3.2.0

Debian Bug report logs - #864921 spip: CVE-2017-9736: remote code execution Package: src:spip; Maintainer for src:spip is David Prévot <taffit@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 17 Jun 2017 06:42:02 UTC Severity: grave Tags: security, upstream Found in version spip/314-2 ...

Emeric Boit of ANSSI reported that SPIP, a website engine for publishing, insufficiently sanitises the value from the X-Forwarded-Host HTTP header field An unauthenticated attacker can take advantage of this flaw to cause remote code execution For the stable distribution (stretch), this problem has been fixed in version 314-3~deb9u1 For the te ...

CWE-78 https://core.spip.net/projects/spip/repository/revisions/23594 https://core.spip.net/projects/spip/repository/revisions/23593 https://contrib.spip.net/CRITICAL-security-update-SPIP-3-1-6-and-SPIP-3-2-Beta http://www.debian.org/security/2017/dsa-3890 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864921 https://nvd.nist.gov https://www.debian.org/security/./dsa-3890

CVE-2017-9736

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect