CVE-2019-11071

SPIP 3.1 before 3.1.10 and 3.2 before 3.2.4 allows authenticated visitors to execute arbitrary code on the host server because var_memotri is mishandled.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
VendorProductVersion
spipspip
3.1.0 ≤
𝑥
< 3.1.10
spipspip
3.2.0 ≤
𝑥
< 3.2.4
debiandebian_linux
9.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
spip
bullseye
3.2.11-3+deb11u10
fixed
jessie
not-affected
bullseye (security)
3.2.11-3+deb11u7
fixed
sid
4.3.3+dfsg-1
fixed
trixie
4.3.3+dfsg-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
spip
focal
not-affected
eoan
not-affected
disco
ignored
cosmic
ignored
bionic
Fixed 3.1.4-4~deb9u3build0.18.04.1
released
xenial
not-affected
trusty
dne
Common Weakness Enumeration
References
https://blog.spip.net/Mise-a-jour-CRITIQUE-de-securite-Sortie-de-SPIP-3-1-10-et-SPIP-3-2-4.html
https://github.com/spip/SPIP/commit/3ef87c525bc0768c926646f999a54222b37b5d36
https://github.com/spip/SPIP/commit/824d17f424bf77d17af89c18c3dc807a3199567e
https://github.com/spip/SPIP/compare/1e3872c...9861a47
https://usn.ubuntu.com/4536-1/
https://www.debian.org/security/2019/dsa-4429
https://blog.spip.net/Mise-a-jour-CRITIQUE-de-securite-Sortie-de-SPIP-3-1-10-et-SPIP-3-2-4.html
https://github.com/spip/SPIP/commit/3ef87c525bc0768c926646f999a54222b37b5d36
https://github.com/spip/SPIP/commit/824d17f424bf77d17af89c18c3dc807a3199567e
https://github.com/spip/SPIP/compare/1e3872c...9861a47
https://usn.ubuntu.com/4536-1/
https://www.debian.org/security/2019/dsa-4429