CVE-2013-5877
published 2014-01-15CVE-2013-5877: Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.0…
PriorityP351medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
54.97%
98.9th percentile
Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.0, and 12.2.1 allows remote attackers to affect confidentiality via unknown vectors related to DM Others.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| oracle | supply_chain_products_suite | — | — |
| oracle | supply_chain_products_suite_sql-server | — | — |
| oracle | supply_chain_products_suite_sql-server | — | — |
| oracle | supply_chain_products_suite_sql-server | — | — |
| oracle | supply_chain_products_suite_sql-server | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor for POST requests to /demantra/GraphServlet containing a 'filename' parameter referencing local file paths (e.g., absolute Windows paths or WEB-INF resources), which indicates exploitation of the arbitrary file retrieval vulnerability. ↗
- →The exploit combines an authentication bypass with a file download vulnerability, meaning POST requests to /demantra/GraphServlet with file path parameters may arrive without valid session credentials — alert on unauthenticated POST requests to this endpoint. ↗
- →Responses to exploitation return Content-Type: image/png regardless of the actual file content — detect anomalous large image/png responses from /demantra/GraphServlet that contain XML or text content (e.g., web.xml disclosure). ↗
- →High-value target file for attackers is WEB-INF/web.xml; alert on any request parameter containing 'WEB-INF' or 'web.xml' strings directed at the Oracle Demantra application. ↗
- ·The vulnerability affects Oracle Demantra versions 7.2.0.3 (SQL-Server), 7.3.0, 7.3.1, 12.2.0, and 12.2.1; the exploit PoC specifically targets 12.2.1 but the authentication bypass and file retrieval may apply across all listed versions. ↗
- ·Impact severity depends on the read permissions of the web server user account; files readable by that account (including full application source code) can be exfiltrated. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Oracle Demantra 12.2.1 - Arbitrary File Disclosure
exploitdb·2014-03-01
CVE-2013-5877 Oracle Demantra 12.2.1 - Arbitrary File Disclosure
Oracle Demantra 12.2.1 - Arbitrary File Disclosure
---
Details:
The Team discovered a Local File Include (LFI) vulnerability. A file inclusion vulnerability occurs when a file from the target system is injected into a page on the attacked server page.
The vulnerable page is:
* /demantra/GraphServlet
Impact:
Impact can differ based on the exploitation and the read permission of the web server user. Depending on these factors an attacker might carry out one or more of the following attacks:
- Harvest useful information from the web.xml configuration file.
- Download the whole web application source code like the vulnerable page itself.
Exploit:
Request:
POST /demantra/GraphServlet HTTP/1.1
Host: 192.168.14.171:8080
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:22.0) Ge
Exploit-DB
Nero MediaHome 4.5.8.0 - Denial of Service
exploitdb·2013-01-10·CVSS 5.0
CVE-2012-5877 [MEDIUM] Nero MediaHome 4.5.8.0 - Denial of Service
Nero MediaHome 4.5.8.0 - Denial of Service
---
Advisory ID: HTB23130
Product: Nero MediaHome
Vendor: Nero
Vulnerable Version(s): 4.5.8.0 and probably prior
Tested Version: 4.5.8.0 in Windows 7 SP1
Vendor Notification: November 21, 2012
Public Disclosure: January 9, 2013
Vulnerability Type: Improper Handling of Length Parameter Inconsistency [CWE-130], Improper Handling of Undefined Parameters [CWE-236]
CVE References: CVE-2012-5876, CVE-2012-5877
CVSSv2 Base Scores: 3.3 (AV:A/AC:L/Au:N/C:N/I:N/A:P), 3.3 (AV:A/AC:L/Au:N/C:N/I:N/A:P)
Risk Level: Low
Discovered and Provided: High-Tech Bridge Security Research Lab ( https://www.htbridge.com/advisory/ )
Advisory Details:
High-Tech Bridge Security Research Lab has discovered multiple remote DoS vulnerabilities in Nero Media Home server, whi
Metasploit
Oracle Demantra Arbitrary File Retrieval with Authentication Bypass
metasploit
Oracle Demantra Arbitrary File Retrieval with Authentication Bypass
Oracle Demantra Arbitrary File Retrieval with Authentication Bypass
This module exploits a file download vulnerability found in Oracle Demantra 12.2.1 in combination with an authentication bypass. By combining these exposures, an unauthenticated user can retrieve any file on the system by referencing the full file path to any file a vulnerable machine.
No writeups or analysis indexed.
http://osvdb.org/102094http://secunia.com/advisories/56474http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.htmlhttp://www.securityfocus.com/bid/64758http://www.securityfocus.com/bid/64831http://www.securitytracker.com/id/1029620http://osvdb.org/102094http://secunia.com/advisories/56474http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.htmlhttp://www.securityfocus.com/bid/64758http://www.securityfocus.com/bid/64831http://www.securitytracker.com/id/1029620
2014-01-15
Published