Release date:
Updated on:
Affected Systems:
Reviewboard 1.x
Description:
--------------------------------------------------------------------------------
CVE (CAN) ID: CVE-2013-4409, CVE-2013-4410, CVE-2013-4411
ReviewBoard is an open-source code review application.
In versions earlier than ReviewBoard 1.6.19 and 1.7.15, The Djblets inventory is incorrect when parsing JSON requests. attackers can execute arbitrary Python code using specially crafted serialized Python objects. Due to the failure to properly restrict access to some REST APIs, unauthorized access may occur. To exploit this vulnerability, you need to use the Local Sites function, invite-only group, or private library. An error exists in the dashboard URL Processing, A special URL can cause access to private review requests.
<* Source: vendor
Link: http://secunia.com/advisories/55208/
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Reviewboard
-----------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.reviewboard.org
Http://www.reviewboard.org/docs/releasenotes/reviewboard/1.6.19/
Http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.15/
Http://www.reviewboard.org/news/2013/10/10/new-security-releases-review-board-1-6-19-and-1-7-15/