Vulnerability Name:

CVE-2012-0911 (CCN-76758)

Assigned:2012-07-04
Published:2012-07-04
Updated:2017-08-29
Summary:TikiWiki CMS/Groupware before 6.7 LTS and before 8.4 allows remote attackers to execute arbitrary PHP code via a crafted serialized object in the (1) cookieName to lib/banners/bannerlib.php; (2) printpages or (3) printstructures parameter to (a) tiki-print_multi_pages.php or (b) tiki-print_pages.php; or (4) sendpages, (5) sendstructures, or (6) sendarticles parameter to tiki-send_objects.php, which is not properly handled when processed by the unserialize function.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
6.2 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
6.2 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-94
Vulnerability Consequences:Gain Access
References:Source: BUGTRAQ
Type: Exploit
20120704 [CVE-2012-0911] Tiki Wiki CMS Groupware <= 8.3 "unserialize()" PHP Code Execution

Source: MITRE
Type: CNA
CVE-2012-0911

Source: CONFIRM
Type: Patch, Vendor Advisory
http://dev.tiki.org/item4109

Source: CONFIRM
Type: Patch
http://info.tiki.org/article190-Tiki-Wiki-CMS-Groupware-Updates-Tiki-6-7-LTS

Source: CONFIRM
Type: Patch
http://info.tiki.org/article191-Tiki-Releases-8-4

Source: CCN
Type: Tiki Wiki CMS Groupware Web page
Tiki Wiki CMS Groupware

Source: OSVDB
Type: UNKNOWN
83534

Source: EXPLOIT-DB
Type: Exploit
19573

Source: EXPLOIT-DB
Type: Exploit
19630

Source: CCN
Type: OSVDB ID: 83534
Tiki Wiki CMS Multiple Script unserialize() Function Remote Code Execution

Source: BID
Type: Exploit
54298

Source: CCN
Type: BID-54298
Tiki Wiki CMS Groupware 'unserialize()' Multiple PHP Code Execution Vulnerabilities

Source: XF
Type: UNKNOWN
tikiwiki-unserialize-code-exec(76758)

Source: XF
Type: UNKNOWN
tikiwiki-unserialize-code-exec(76758)

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [07-04-2012]

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [07-09-2012]

Source: CCN
Type: Rapid7 Vulnerability and Exploit Database [05-30-2018]
Tiki Wiki unserialize() PHP Code Execution

Vulnerable Configuration:Configuration 1:
  • cpe:/a:tiki:tikiwiki_cms/groupware:6.3:-:lts:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:*:-:lts:*:*:*:*:* (Version <= 6.5)

    • Configuration 2:
  • cpe:/a:tiki:tikiwiki_cms/groupware:2.2:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:3.2:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:3.3:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:3.4:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:3.5:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:4.1:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:4.2:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:5.0:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:5.1:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:5.2:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:5.3:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:6.1:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:6.2:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:7.1:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:7.2:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:8.1:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:8.2:*:*:*:*:*:*:*
  • OR cpe:/a:tiki:tikiwiki_cms/groupware:*:*:*:*:*:*:*:* (Version <= 8.3)

    • * Denotes that component is vulnerable
    BACK
    tiki tikiwiki cms/groupware 6.3 -
    tiki tikiwiki cms/groupware * -
    tiki tikiwiki cms/groupware 2.2
    tiki tikiwiki cms/groupware 3.0
    tiki tikiwiki cms/groupware 3.1
    tiki tikiwiki cms/groupware 3.2
    tiki tikiwiki cms/groupware 3.3
    tiki tikiwiki cms/groupware 3.4
    tiki tikiwiki cms/groupware 3.5
    tiki tikiwiki cms/groupware 4.0
    tiki tikiwiki cms/groupware 4.1
    tiki tikiwiki cms/groupware 4.2
    tiki tikiwiki cms/groupware 5.0
    tiki tikiwiki cms/groupware 5.1
    tiki tikiwiki cms/groupware 5.2
    tiki tikiwiki cms/groupware 5.3
    tiki tikiwiki cms/groupware 6.0
    tiki tikiwiki cms/groupware 6.1
    tiki tikiwiki cms/groupware 6.2
    tiki tikiwiki cms/groupware 7.0
    tiki tikiwiki cms/groupware 7.1
    tiki tikiwiki cms/groupware 7.2
    tiki tikiwiki cms/groupware 8.0
    tiki tikiwiki cms/groupware 8.1
    tiki tikiwiki cms/groupware 8.2
    tiki tikiwiki cms/groupware *