Coppermine-gallery Photo Gallery up to 1.5.3 Error Message older_than information disclosure
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 4.8 | $0-$5k | 0.00 |
Summary
A vulnerability, which was classified as problematic, was found in Coppermine-gallery Photo Gallery up to 1.5.3. Affected by this issue is some unknown functionality of the component Error Message Handler. Executing a manipulation of the argument older_than can lead to information disclosure. This vulnerability appears as CVE-2012-1614. In addition, an exploit is available. You should upgrade the affected component.
Details
A vulnerability was found in Coppermine-gallery Photo Gallery up to 1.5.3 (Photo Gallery Software). It has been declared as problematic. This vulnerability affects some unknown functionality of the component Error Message Handler. The manipulation of the argument older_than with an unknown input leads to a information disclosure vulnerability. The CWE definition for the vulnerability is CWE-200. The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. As an impact it is known to affect confidentiality. CVE summarizes:
Coppermine Photo Gallery before 1.5.20 allows remote attackers to obtain sensitive information via (1) a direct request to plugins/visiblehookpoints/index.php, an invalid (2) page or (3) cat parameter to thumbnails.php, an invalid (4) page parameter to usermgr.php, or an invalid (5) newer_than or (6) older_than parameter to search.inc.php, which reveals the installation path in an error message.
The weakness was presented 09/04/2012 by Janek Vind (Website). The advisory is shared for download at coppermine.svn.sourceforge.net. This vulnerability was named CVE-2012-1614 since 03/12/2012. The exploitation appears to be easy. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. Technical details and also a public exploit are known. The MITRE ATT&CK project declares the attack technique as T1592.
A public exploit has been developed by waraxe and been published before and not just after the advisory. It is possible to download the exploit at exploit-db.com. It is declared as proof-of-concept. The vulnerability was handled as a non-public zero-day exploit for at least 158 days. During that time the estimated underground price was around $0-$5k. The vulnerability scanner Nessus provides a plugin with the ID 61743 (FreeBSD : coppermine -- Multiple vulnerabilities (6dd5e45c-f084-11e1-8d0f-406186f3d89d)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family FreeBSD Local Security Checks.
Upgrading to version 1.5.4 eliminates this vulnerability.
The vulnerability is also documented in the databases at Exploit-DB (18680), Tenable (61743), SecurityFocus (BID 52818†), OSVDB (80731†) and Vulnerability Center (SBV-36160†). See VDB-62007 for similar entry. VulDB is the best source for vulnerability data and more expert information about this specific topic.
Product
Type
Vendor
Name
Version
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.3VulDB Meta Temp Score: 4.8
VulDB Base Score: 5.3
VulDB Temp Score: 4.8
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Information disclosureCWE: CWE-200 / CWE-284 / CWE-266
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Access: Public
Status: Proof-of-Concept
Author: waraxe
Download: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 61743
Nessus Name: FreeBSD : coppermine -- Multiple vulnerabilities (6dd5e45c-f084-11e1-8d0f-406186f3d89d)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
OpenVAS ID: 71830
OpenVAS Name: FreeBSD Ports: coppermine
OpenVAS File: 🔍
OpenVAS Family: 🔍
Exploit-DB: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: Photo Gallery 1.5.4
Timeline
03/12/2012 🔍03/29/2012 🔍
03/30/2012 🔍
03/30/2012 🔍
09/04/2012 🔍
09/04/2012 🔍
09/04/2012 🔍
09/19/2012 🔍
03/23/2015 🔍
12/28/2024 🔍
Sources
Advisory: coppermine.svn.sourceforge.netResearcher: Janek Vind
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2012-1614 (🔍)
GCVE (CVE): GCVE-0-2012-1614
GCVE (VulDB): GCVE-100-62008
SecurityFocus: 52818 - Coppermine Photo Gallery 'keywords' Field HTML Injection Vulnerability
OSVDB: 80731
Vulnerability Center: 36160 - Coppermine Photo Gallery Before 1.5.20 Remote Sensitive Information Disclosure, Medium
scip Labs: https://www.scip.ch/en/?labs.20161013
See also: 🔍
Entry
Created: 03/23/2015 16:50Updated: 12/28/2024 13:07
Changes: 03/23/2015 16:50 (62), 04/17/2017 10:59 (18), 12/12/2021 21:20 (3), 12/28/2024 13:07 (14)
Complete: 🔍
Cache ID: 216:8B2:103
VulDB is the best source for vulnerability data and more expert information about this specific topic.
No comments yet. Languages: en.
Please log in to comment.