Revive Adserver up to 3.2.4/4.0.0 Username Control Character unknown vulnerability

entryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical was found in Revive Adserver up to 3.2.4/4.0.0 (Advertising Software). Affected by this vulnerability is an unknown part of the component Username Handler. Upgrading to version 3.2.5 eliminates this vulnerability.

Field03/28/2017 10:17 PM08/23/2020 12:05 PM
typeAdvertising SoftwareAdvertising Software
vendorReviveRevive
nameAdserverAdserver
version<=3.2.4/4.0.0<=3.2.4/4.0.0
componentUsername HandlerUsername Handler
input_typeControl CharacterControl Character
cwe7575
risk22
cvss2_vuldb_basescore5.85.8
cvss2_vuldb_tempscore5.05.0
cvss2_vuldb_avNN
cvss2_vuldb_acMM
cvss2_vuldb_auNN
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiNN
cvss2_nvd_avNN
cvss2_nvd_acHH
cvss2_nvd_auSS
cvss2_nvd_ciNN
cvss2_nvd_iiPP
cvss2_nvd_aiNN
cvss3_meta_basescore4.34.3
cvss3_meta_tempscore4.14.1
cvss3_vuldb_basescore5.45.4
cvss3_vuldb_tempscore5.25.2
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prNN
cvss3_vuldb_uiRR
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aNN
cvss3_nvd_avNN
cvss3_nvd_acHH
cvss3_nvd_prHH
cvss3_nvd_uiRR
cvss3_nvd_sUU
cvss3_nvd_cLL
cvss3_nvd_iLL
cvss3_nvd_aNN
date1490659200 (03/28/2017)1490659200 (03/28/2017)
urlhttps://github.com/revive-adserver/revive-adserver/commit/05b1ecebhttps://github.com/revive-adserver/revive-adserver/commit/05b1eceb
price_0day$0-$5k$0-$5k
nameUpgradeUpgrade
upgrade_version3.2.53.2.5
cveCVE-2016-9471CVE-2016-9471
cve_assigned14795136001479513600
cve_nvd_published14905728001490572800
cve_nvd_summaryRevive Adserver before 3.2.5 and 4.0.0 suffers from Special Element Injection. Usernames weren't properly sanitised when creating users on a Revive Adserver instance. Especially, control characters were not filtered, allowing apparently identical usernames to co-exist in the system, due to the fact that such characters are normally ignored when an HTML page is displayed in a browser. The issue could have therefore been exploited for user spoofing, although elevated privileges are required to create users within Revive Adserver.Revive Adserver before 3.2.5 and 4.0.0 suffers from Special Element Injection. Usernames weren't properly sanitised when creating users on a Revive Adserver instance. Especially, control characters were not filtered, allowing apparently identical usernames to co-exist in the system, due to the fact that such characters are normally ignored when an HTML page is displayed in a browser. The issue could have therefore been exploited for user spoofing, although elevated privileges are required to create users within Revive Adserver.
seealso98984 9898298984 98982
locationWebsiteWebsite
cvss2_vuldb_eNDND
cvss2_vuldb_rlOFOF
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlOO
cvss3_vuldb_rcXX
0day_days180180
cvss3_nvd_basescore3.13.1
discoverydate1475020800
osvdb_titleCVE-2016-9471 - Revive Adserver - Spoofing Issue

Do you need the next level of professionalism?

Upgrade your account now!