Vulnerability Description
Revive Adserver before 4.0.1 allows remote attackers to execute arbitrary code via serialized data in the cookies related to the delivery scripts.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Revive-Adserver | Revive Adserver | <= 4.0.0 |
Related Weaknesses (CWE)
References
- http://www.openwall.com/lists/oss-security/2017/02/02/3 (Mailing List, Third Party Advisory)
- http://www.securityfocus.com/bid/95875
- https://www.revive-adserver.com/security/revive-sa-2017-001/ (Patch, Vendor Advisory)
FAQ
What is CVE-2017-5830?
CVE-2017-5830 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Revive Adserver before 4.0.1 allows remote attackers to execute arbitrary code via serialized data in the cookies related to the delivery scripts.
How severe is CVE-2017-5830?
CVE-2017-5830 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-5830?
Check the references section above for vendor advisories and patch information. Affected products include: Revive-Adserver Revive Adserver.