CVE-2013-5350
Description
The "Remember me" feature in the opSecurityUser::getRememberLoginCookie function in lib/user/opSecurityUser.class.php in OpenPNE 3.6.13 before 3.6.13.1 and 3.8.9 before 3.8.9.1 does not properly validate login data in HTTP Cookie headers, which allows remote attackers to conduct PHP object injection attacks, and execute arbitrary PHP code, via a crafted serialized object.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: PSIRT-CNA@flexerasoftware.com — https://www.openpne.jp/archives/12293/
Vendor advisory: PSIRT-CNA@flexerasoftware.com — http://secunia.com/secunia_research/2014-1/
Vendor advisory: PSIRT-CNA@flexerasoftware.com — http://secunia.com/advisories/54043
References
- http://jvn.jp/en/jp/JVN69986880/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2014-000009
- http://secunia.com/advisories/54043
- http://secunia.com/secunia_research/2014-1/
- https://www.openpne.jp/archives/12293/
- http://jvn.jp/en/jp/JVN69986880/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2014-000009
- http://secunia.com/advisories/54043
- http://secunia.com/secunia_research/2014-1/
- https://www.openpne.jp/archives/12293/
CWEs
CWE-20
Verify integrity in audit chain (admin only). AS-IS.