CVE-2013-1465 - OpenCVE

The Cubecart::_basket method in classes/cubecart.class.php in CubeCart 5.0.0 through 5.2.0 allows remote attackers to unserialize arbitrary PHP objects via a crafted shipping parameter, as demonstrated by modifying the application configuration using the Config object.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Cubecart	Cubecart

Configuration 1 [-]

cpe:2.3:a:cubecart:cubecart:*:*:*:*:*:*:*:*

References

Link	Resource
http://archives.neohapsis.com/archives/bugtraq/2013-02/0032.html	Broken Link
http://forums.cubecart.com/?showtopic=47026	Patch
http://karmainsecurity.com/KIS-2013-02	Exploit
http://osvdb.org/89923	Broken Link
http://packetstormsecurity.com/files/120094/CubeCart-5.2.0-PHP-Object-Injection.html	Exploit Third Party Advisory VDB Entry
http://secunia.com/advisories/52072	Not Applicable
http://www.exploit-db.com/exploits/24465	Exploit Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/57770	Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/81920	Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2013-02-08T20:00:00

Updated: 2017-08-28T12:57:01

Reserved: 2013-01-29T00:00:00

Link: CVE-2013-1465

JSON object: View

NVD Information

Status : Analyzed

Published: 2013-02-08T20:55:01.750

Modified: 2024-01-09T02:21:42.200

Link: CVE-2013-1465

JSON object: View

Redhat Information

No data.

CWE

CWE-502

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-02-06T00:00:00", "descriptions": [{"lang": "en", "value": "The Cubecart::_basket method in classes/cubecart.class.php in CubeCart 5.0.0 through 5.2.0 allows remote attackers to unserialize arbitrary PHP objects via a crafted shipping parameter, as demonstrated by modifying the application configuration using the Config object."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://forums.cubecart.com/?showtopic=47026"}, {"name": "20130206 [KIS-2013-02] CubeCart <= 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-02/0032.html"}, {"name": "cubecart-shipping-unauth-access(81920)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81920"}, {"tags": ["x_refsource_MISC"], "url": "http://karmainsecurity.com/KIS-2013-02"}, {"name": "57770", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/57770"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/120094/CubeCart-5.2.0-PHP-Object-Injection.html"}, {"name": "52072", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/52072"}, {"name": "89923", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/89923"}, {"name": "24465", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/24465"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-1465", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Cubecart::_basket method in classes/cubecart.class.php in CubeCart 5.0.0 through 5.2.0 allows remote attackers to unserialize arbitrary PHP objects via a crafted shipping parameter, as demonstrated by modifying the application configuration using the Config object."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://forums.cubecart.com/?showtopic=47026", "refsource": "CONFIRM", "url": "http://forums.cubecart.com/?showtopic=47026"}, {"name": "20130206 [KIS-2013-02] CubeCart <= 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2013-02/0032.html"}, {"name": "cubecart-shipping-unauth-access(81920)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81920"}, {"name": "http://karmainsecurity.com/KIS-2013-02", "refsource": "MISC", "url": "http://karmainsecurity.com/KIS-2013-02"}, {"name": "57770", "refsource": "BID", "url": "http://www.securityfocus.com/bid/57770"}, {"name": "http://packetstormsecurity.com/files/120094/CubeCart-5.2.0-PHP-Object-Injection.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/120094/CubeCart-5.2.0-PHP-Object-Injection.html"}, {"name": "52072", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/52072"}, {"name": "89923", "refsource": "OSVDB", "url": "http://osvdb.org/89923"}, {"name": "24465", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/24465"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-1465", "datePublished": "2013-02-08T20:00:00", "dateReserved": "2013-01-29T00:00:00", "dateUpdated": "2017-08-28T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cubecart:cubecart:*:*:*:*:*:*:*:*", "matchCriteriaId": "40420555-46E6-4C86-BE77-03948AF775E9", "versionEndIncluding": "5.2.0", "versionStartIncluding": "5.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Cubecart::_basket method in classes/cubecart.class.php in CubeCart 5.0.0 through 5.2.0 allows remote attackers to unserialize arbitrary PHP objects via a crafted shipping parameter, as demonstrated by modifying the application configuration using the Config object."}, {"lang": "es", "value": "El m\u00e9todo _basket en /classes / cubecart.class.php en CubeCart v5.0.0 a trav\u00e9s de v5.2.0 permite a atacantes remotos desserializar objetos PHP a trav\u00e9s de un par\u00e1metro env\u00edo hecho a mano, como se ha demostrado mediante la modificaci\u00f3n de la configuraci\u00f3n de la aplicaci\u00f3n mediante el objeto Config."}], "id": "CVE-2013-1465", "lastModified": "2024-01-09T02:21:42.200", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2013-02-08T20:55:01.750", "references": [{"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-02/0032.html"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://forums.cubecart.com/?showtopic=47026"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://karmainsecurity.com/KIS-2013-02"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://osvdb.org/89923"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/120094/CubeCart-5.2.0-PHP-Object-Injection.html"}, {"source": "cve@mitre.org", "tags": ["Not Applicable"], "url": "http://secunia.com/advisories/52072"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://www.exploit-db.com/exploits/24465"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.securityfocus.com/bid/57770"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81920"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "nvd@nist.gov", "type": "Primary"}]}