Vulnerability Description
Multiple directory traversal vulnerabilities in vtiger CRM 5.0.4:

- allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the module parameter to graph.php, or the (2) module or (3) file parameter to include/Ajax/CommonAjax.php, reachable through modules/Campaigns/CampaignsAjax.php, modules/SalesOrder/SalesOrderAjax.php, modules/System/SystemAjax.php, modules/Products/ProductsAjax.php, modules/uploads/uploadsAjax.php, modules/Dashboard/DashboardAjax.php, modules/Potentials/PotentialsAjax.php, modules/Notes/NotesAjax.php, modules/Faq/FaqAjax.php, modules/Quotes/QuotesAjax.php, modules/Utilities/UtilitiesAjax.php, modules/Calendar/ActivityAjax.php, modules/Calendar/CalendarAjax.php, modules/PurchaseOrder/PurchaseOrderAjax.php, modules/HelpDesk/HelpDeskAjax.php, modules/Invoice/InvoiceAjax.php, modules/Accounts/AccountsAjax.php, modules/Reports/ReportsAjax.php, modules/Contacts/ContactsAjax.php, and modules/Portal/PortalAjax.php;
- allow remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the step parameter in an Import action to the (4) Accounts, (5) Contacts, (6) HelpDesk, (7) Leads, (8) Potentials, (9) Products, or (10) Vendors module, reachable through index.php and related to modules/Import/index.php and multiple Import.php files.
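All of the listed vectors share one root cause: a request parameter (module, file, or step) is concatenated into a filesystem path that is then passed to include/require, and a .. sequence walks out of the intended directory. The example below is an added illustration of the defensive check, not vtiger's own code; the function name resolveModuleFile, the directory layout and the request parameter names are assumptions. It allow-lists the shape of each path segment and then confirms the canonicalised path still sits under the modules directory.

```php
<?php
// Added illustration (hypothetical, not vtiger code): validating user-supplied
// module/file names before they are used to build an include path.
// Requires PHP 7.1+ for the nullable return type.

/**
 * Resolve $moduleName/$fileName to a file under $modulesDir.
 * Returns null when either name is not a plain identifier or when the
 * canonical path escapes $modulesDir.
 */
function resolveModuleFile(string $modulesDir, string $moduleName, string $fileName): ?string
{
    // 1. Shape check: exactly one path segment each, no dots, slashes or NUL bytes.
    //    This alone rejects "..", "../", and encoded traversal that decodes to a dot.
    if (!preg_match('/^[A-Za-z0-9_]+$/', $moduleName)
        || !preg_match('/^[A-Za-z0-9_]+\.php$/', $fileName)) {
        return null;
    }

    // 2. Canonicalise the base and the candidate; realpath() collapses symlinks
    //    and any ".." that survived, and returns false for non-existent files.
    $base = realpath($modulesDir);
    if ($base === false) {
        return null;
    }
    $candidate = realpath($base . DIRECTORY_SEPARATOR . $moduleName
                        . DIRECTORY_SEPARATOR . $fileName);

    // 3. Containment check: the resolved path must start with "<base>/".
    if ($candidate === false || strpos($candidate, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $candidate;
}

// Pattern the CVE describes, shown only for contrast (do not use):
//   include 'modules/' . $_REQUEST['module'] . '/' . $_REQUEST['file'];

// Hardened dispatch: reject and log anything that fails the check.
$path = resolveModuleFile(__DIR__ . '/modules',
                          $_REQUEST['module'] ?? '',
                          $_REQUEST['file'] ?? '');
if ($path === null) {
    error_log('rejected module include request: '
              . json_encode(['module' => $_REQUEST['module'] ?? null,
                             'file'   => $_REQUEST['file'] ?? null]));
    http_response_code(400);
    exit('invalid module');
}
require $path;
```

The same approach applies to the authenticated Import step parameter: compare it against a fixed list of known step names rather than using it to compose a filename. Logging the rejected value, as above, also gives the SOC a cheap detection signal for traversal probing against graph.php and the *Ajax.php entry points.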
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vtiger | Vtiger Crm | 5.0.4 |
Related Weaknesses (CWE)
References
- http://marc.info/?l=bugtraq&m=125060676515670&w=2
- http://secunia.com/advisories/36309 (Vendor Advisory)
- http://securityreason.com/securityalert/8118
- http://www.exploit-db.com/exploits/9450
- http://www.osvdb.org/57239 (Exploit)
- http://www.securityfocus.com/bid/36062 (Exploit)
- http://www.ush.it/2009/08/18/vtiger-crm-504-multiple-vulnerabilities/ (Exploit)
- http://www.ush.it/team/ush/hack-vtigercrm_504/vtigercrm_504.txt (Exploit)
- http://www.vupen.com/english/advisories/2009/2319 (Vendor Advisory)
FAQ
What is CVE-2009-3249?
CVE-2009-3249 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple directory traversal vulnerabilities in vtiger CRM 5.0.4 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the module parameter to graph.php; or the...
How severe is CVE-2009-3249?
CVE-2009-3249 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-3249?
Check the references section above for vendor advisories and patch information. Affected products include: Vtiger Vtiger Crm.