CVE-2011-5061

functions.php in WHMCompleteSolution (WHMCS) 4.0.x through 5.0.x allows remote attackers to trigger arbitrary code execution in the Smarty templating system by submitting a crafted ticket, related to improper handling of characters in the subject field.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://forum.whmcs.com/showthread.php?t=43462	Patch Vendor Advisory
http://www.webhostingtalk.com/showpost.php?p=7848685&postcount=35

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:whmcs:whmcompletesolution:4.0.0:::::::*
	cpe:2.3:a:whmcs:whmcompletesolution:4.0.1:::::::*
	cpe:2.3:a:whmcs:whmcompletesolution:4.0.2:::::::*
	cpe:2.3:a:whmcs:whmcompletesolution:4.1.0:::::::*
	cpe:2.3:a:whmcs:whmcompletesolution:4.1.1:::::::*
	cpe:2.3:a:whmcs:whmcompletesolution:4.1.2:::::::*
	cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:::::::*
	cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r1::::::
	cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r2::::::
	cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r3::::::
	cpe:2.3:a:whmcs:whmcompletesolution:4.2.1:::::::*
	cpe:2.3:a:whmcs:whmcompletesolution:4.3.0:::::::*
	cpe:2.3:a:whmcs:whmcompletesolution:4.3.1:::::::*
	cpe:2.3:a:whmcs:whmcompletesolution:4.4.0:::::::*
	cpe:2.3:a:whmcs:whmcompletesolution:4.4.1:::::::*
	cpe:2.3:a:whmcs:whmcompletesolution:4.4.2:::::::*
	cpe:2.3:a:whmcs:whmcompletesolution:4.5.0:::::::*
	cpe:2.3:a:whmcs:whmcompletesolution:4.5.1:::::::*
	cpe:2.3:a:whmcs:whmcompletesolution:4.5.2:::::::*
	cpe:2.3:a:whmcs:whmcompletesolution:5.0.0:::::::*
	cpe:2.3:a:whmcs:whmcompletesolution:5.0.1:::::::*
	cpe:2.3:a:whmcs:whmcompletesolution:5.0.2:::::::*
	cpe:2.3:a:whmcs:whmcompletesolution:5.0.3:::::::*

History

No history.

Information

Published : 2012-01-14 03:57

Updated : 2024-02-04 17:54

NVD link : CVE-2011-5061

Mitre link : CVE-2011-5061

CVE.ORG link : CVE-2011-5061

JSON object : View

Products Affected

whmcs

whmcompletesolution

CWE

CWE-94

Improper Control of Generation of Code ('Code Injection')

{"id": "CVE-2011-5061", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-01-14T03:57:27.180", "references": [{"url": "http://forum.whmcs.com/showthread.php?t=43462", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.webhostingtalk.com/showpost.php?p=7848685&postcount=35", "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "functions.php in WHMCompleteSolution (WHMCS) 4.0.x through 5.0.x allows remote attackers to trigger arbitrary code execution in the Smarty templating system by submitting a crafted ticket, related to improper handling of characters in the subject field."}, {"lang": "es", "value": "functions.php en WHMCompleteSolution (WHMCS) en v4.0.x hasta v5.0.x permite a atacantes remotos provocar la ejecuci\u00f3n de c\u00f3digo arbitrario en el sistema de plantillas Smarty mediante el env\u00edo de un ticket manipulado, relacionados con el manejo inadecuado de los caracteres en el campo subject."}], "lastModified": "2012-02-08T05:00:00.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2AD4B2D-E964-44CA-8876-99B90FF3115F"}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CBF47C26-16E7-4FF6-8C32-7E613DFC6C5F"}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0BE2826-A35D-439D-B698-0E48CF78950D"}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65E22213-2656-4A6E-93DF-82FCFF6A757B"}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C0DC052-A1F6-4A64-8760-5F43F0662017"}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA985700-B7B0-4D21-BEA2-B4B528AB3224"}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "457D9958-4918-4B13-8755-53E30E20DA8F"}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F06C120-8FB8-405C-BCA1-165E1220E41F"}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1DC4003A-3291-404B-A611-AE5ECB653A51"}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.2.0:beta_r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2D1C1E4-8DFB-4C6F-AC4C-B1AFDFB08905"}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7B2828A-2760-4833-B598-B577367C2641"}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7020787-BDD3-4F06-A7F1-C96D30287346"}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1EB7AEF-3CB2-445C-95E7-D75113E096DB"}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE649BF1-1D8D-4130-BE24-1B9296B97B6A"}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EDD91F12-FE2B-48C5-AA65-B951E4F865C4"}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BAC98C21-371D-4272-A4D6-4BCB579F4987"}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04294CF0-08F0-4068-AA90-989EB01DCCE6"}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F45FA57-BEDF-4F57-A21D-A43063C081AD"}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:4.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD5B5029-B552-4361-9076-62E54BE1D85E"}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:5.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69F15D66-C989-401C-A679-F89D15988BAB"}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:5.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D6A1799-FA7B-47D4-9CCF-1CE2EA78C821"}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:5.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CD5FD3F-DABD-4BC5-9633-6A2F3AD82CD3"}, {"criteria": "cpe:2.3:a:whmcs:whmcompletesolution:5.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5578A70D-E13F-416F-A749-58A0E64A5A91"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}