Revive Adserver up to 3.2.4/4.0.0 Username Control Character unknown vulnerability

entryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical was found in Revive Adserver up to 3.2.4/4.0.0 (Advertising Software). Affected by this vulnerability is an unknown part of the component Username Handler. Upgrading to version 3.2.5 eliminates this vulnerability.

Field	03/28/2017 10:17 PM	08/23/2020 12:05 PM
type	Advertising Software	Advertising Software
vendor	Revive	Revive
name	Adserver	Adserver
version	<=3.2.4/4.0.0	<=3.2.4/4.0.0
component	Username Handler	Username Handler
input_type	Control Character	Control Character
cwe	75	75
risk	2	2
cvss2_vuldb_basescore	5.8	5.8
cvss2_vuldb_tempscore	5.0	5.0
cvss2_vuldb_av	N	N
cvss2_vuldb_ac	M	M
cvss2_vuldb_au	N	N
cvss2_vuldb_ci	P	P
cvss2_vuldb_ii	P	P
cvss2_vuldb_ai	N	N
cvss2_nvd_av	N	N
cvss2_nvd_ac	H	H
cvss2_nvd_au	S	S
cvss2_nvd_ci	N	N
cvss2_nvd_ii	P	P
cvss2_nvd_ai	N	N
cvss3_meta_basescore	4.3	4.3
cvss3_meta_tempscore	4.1	4.1
cvss3_vuldb_basescore	5.4	5.4
cvss3_vuldb_tempscore	5.2	5.2
cvss3_vuldb_av	N	N
cvss3_vuldb_ac	L	L
cvss3_vuldb_pr	N	N
cvss3_vuldb_ui	R	R
cvss3_vuldb_s	U	U
cvss3_vuldb_c	L	L
cvss3_vuldb_i	L	L
cvss3_vuldb_a	N	N
cvss3_nvd_av	N	N
cvss3_nvd_ac	H	H
cvss3_nvd_pr	H	H
cvss3_nvd_ui	R	R
cvss3_nvd_s	U	U
cvss3_nvd_c	L	L
cvss3_nvd_i	L	L
cvss3_nvd_a	N	N
date	1490659200 (03/28/2017)	1490659200 (03/28/2017)
url	https://github.com/revive-adserver/revive-adserver/commit/05b1eceb	https://github.com/revive-adserver/revive-adserver/commit/05b1eceb
price_0day	$0-$5k	$0-$5k
name	Upgrade	Upgrade
upgrade_version	3.2.5	3.2.5
cve	CVE-2016-9471	CVE-2016-9471
cve_assigned	1479513600	1479513600
cve_nvd_published	1490572800	1490572800
cve_nvd_summary	Revive Adserver before 3.2.5 and 4.0.0 suffers from Special Element Injection. Usernames weren't properly sanitised when creating users on a Revive Adserver instance. Especially, control characters were not filtered, allowing apparently identical usernames to co-exist in the system, due to the fact that such characters are normally ignored when an HTML page is displayed in a browser. The issue could have therefore been exploited for user spoofing, although elevated privileges are required to create users within Revive Adserver.	Revive Adserver before 3.2.5 and 4.0.0 suffers from Special Element Injection. Usernames weren't properly sanitised when creating users on a Revive Adserver instance. Especially, control characters were not filtered, allowing apparently identical usernames to co-exist in the system, due to the fact that such characters are normally ignored when an HTML page is displayed in a browser. The issue could have therefore been exploited for user spoofing, although elevated privileges are required to create users within Revive Adserver.
seealso	98984 98982	98984 98982
location	Website	Website
cvss2_vuldb_e	ND	ND
cvss2_vuldb_rl	OF	OF
cvss2_vuldb_rc	ND	ND
cvss3_vuldb_e	X	X
cvss3_vuldb_rl	O	O
cvss3_vuldb_rc	X	X
0day_days	180	180
cvss3_nvd_basescore	3.1	3.1
discoverydate		1475020800
osvdb_title		CVE-2016-9471 - Revive Adserver - Spoofing Issue

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!