製品・ソフトウェアに関する情報

JVN脆弱性詳細

vBulletin 5 Connect の vB_Api_Hook::decodeArguments メソッドにおける PHP オブジェクトインジェクション攻撃を実行される脆弱性

Title	vBulletin 5 Connect の vB_Api_Hook::decodeArguments メソッドにおける PHP オブジェクトインジェクション攻撃を実行される脆弱性
Summary	vBulletin 5 Connect の vB_Api_Hook::decodeArguments メソッドには、PHP オブジェクトインジェクション攻撃を実行される、および任意の PHP コードを実行される脆弱性が存在します。
Possible impacts	第三者により、ajax/api/hook/decodeArguments の arguments パラメータ内の巧妙に細工されシリアル化されたオブジェクトを介して、PHP オブジェクトインジェクション攻撃を実行される、および任意の PHP コードを実行される可能性があります。
Solution	ベンダ情報および参考情報を参照して適切な対策を実施してください。
Publication Date	Nov. 3, 2015, midnight
Registration Date	Nov. 26, 2015, 12:28 p.m.
Last Update	Nov. 26, 2015, 12:28 p.m.

Affected System

vBulletin Solutions, Inc.

vBulletin 5 Connect 5.1.2 から 5.1.9

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2015-7808	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7808
National Vulnerability Database (NVD)
2	CVE-2015-7808	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7808

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-20	https://jvndb.jvn.jp/ja/cwe/CWE-20.html

ベンダー情報

No	Name	URL
vBulletin
1	Security Patch Release for vBulletin 5 Connect (Versions 5.1.4, through 5.1.9)	http://www.vbulletin.org/forum/showthread.php?p=2558144#post2558144
2	Top Page	http://www.vbulletin.com/

その他

No	Name	URL
関連文書
1	Check Point Discovers Critical vBulletin 0-Day	http://blog.checkpoint.com/2015/11/05/check-point-discovers-critical-vbulletin-0-day/

Change Log

No	Changed Details	Date of change
0	[2015年11月26日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2015-7808

Summary	The vB_Api_Hook::decodeArguments method in vBulletin 5 Connect 5.1.2 through 5.1.9 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object in the arguments parameter to ajax/api/hook/decodeArguments.
Publication Date	Nov. 25, 2015, 5:59 a.m.
Registration Date	Jan. 26, 2021, 2:57 p.m.
Last Update	Nov. 21, 2024, 11:37 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:vbulletin:vbulletin:5.0.0:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.8:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.0.5:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.2:rc2::::::
cpe:2.3:a:vbulletin:vbulletin:5.1.0:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.2:rc1::::::
cpe:2.3:a:vbulletin:vbulletin:5.1.6:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.7:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.0:rc1::::::
cpe:2.3:a:vbulletin:vbulletin:5.1.3:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.0.3:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.2:beta1::::::
cpe:2.3:a:vbulletin:vbulletin:5.0.2:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.9:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.2:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.5:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.0.1:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.4:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.1:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.3:alpha5::::::
cpe:2.3:a:vbulletin:vbulletin:5.0.4:::::::*

Related information, measures and tools

No	URL	タグ
1	http://blog.checkpoint.com/2015/11/05/check-point-discovers-critical-vbulletin-0-day/	Exploit
2	http://blog.checkpoint.com/2015/11/05/check-point-discovers-critical-vbulletin-0-day/	Exploit
3	http://packetstormsecurity.com/files/134331/vBulletin-5.1.2-Unserialize-Code-Execution.html	Exploit
4	http://packetstormsecurity.com/files/134331/vBulletin-5.1.2-Unserialize-Code-Execution.html	Exploit
5	http://pastie.org/pastes/10527766/text?key=wq1hgkcj4afb9ipqzllsq	Exploit
6	http://pastie.org/pastes/10527766/text?key=wq1hgkcj4afb9ipqzllsq	Exploit
7	http://www.rapid7.com/db/modules/exploit/multi/http/vbulletin_unserialize	Exploit
8	http://www.rapid7.com/db/modules/exploit/multi/http/vbulletin_unserialize	Exploit
9	https://blog.sucuri.net/2015/11/vbulletin-exploits-in-the-wild.html	Exploit
10	https://blog.sucuri.net/2015/11/vbulletin-exploits-in-the-wild.html	Exploit
11	https://www.exploit-db.com/exploits/38629/	Exploit
12	https://www.exploit-db.com/exploits/38629/	Exploit

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-20	不適切な入力確認	https://cwe.mitre.org/data/definitions/20.html

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:vbulletin:vbulletin:5.0.0:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.8:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.0.5:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.2:rc2::::::
cpe:2.3:a:vbulletin:vbulletin:5.1.0:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.2:rc1::::::
cpe:2.3:a:vbulletin:vbulletin:5.1.6:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.7:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.0:rc1::::::
cpe:2.3:a:vbulletin:vbulletin:5.1.3:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.0.3:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.2:beta1::::::
cpe:2.3:a:vbulletin:vbulletin:5.0.2:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.9:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.2:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.5:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.0.1:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.4:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.1:::::::*
cpe:2.3:a:vbulletin:vbulletin:5.1.3:alpha5::::::
cpe:2.3:a:vbulletin:vbulletin:5.0.4:::::::*