What is the severity of CVE-2013-2225?

CVE-2013-2225 has a severity level classified as high due to its potential for serious exploitation.

How do I fix CVE-2013-2225?

To fix CVE-2013-2225, upgrade to GLPI version 0.83.9 or later where the vulnerability has been patched.

What versions of GLPI are affected by CVE-2013-2225?

CVE-2013-2225 affects GLPI versions 0.83.9 and earlier.

Can CVE-2013-2225 be exploited remotely?

Yes, CVE-2013-2225 allows remote attackers to exploit the vulnerability via specific parameters.

What impact does CVE-2013-2225 have on GLPI?

CVE-2013-2225 can lead to remote code execution through unserialization of arbitrary PHP objects.

Vulnerability/
CVE-2013-2225

medium

6.4

27/5/2014

12/4/2025

CVE-2013-2225

First published: Tue May 27 2014(Updated: )

inc/ticket.class.php in GLPI 0.83.9 and earlier allows remote attackers to unserialize arbitrary PHP objects via the _predefined_fields parameter to front/ticket.form.php.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
GLPI	<=0.83.9
GLPI	=0.5
GLPI	=0.5-rc1
GLPI	=0.5-rc2
GLPI	=0.6
GLPI	=0.6-rc1
GLPI	=0.6-rc2
GLPI	=0.6-rc3
GLPI	=0.20
GLPI	=0.21
GLPI	=0.30
GLPI	=0.31
GLPI	=0.40
GLPI	=0.41
GLPI	=0.42
GLPI	=0.51
GLPI	=0.51a
GLPI	=0.65
GLPI	=0.65-rc1
GLPI	=0.65-rc2
GLPI	=0.68
GLPI	=0.68-rc1
GLPI	=0.68-rc2
GLPI	=0.68-rc3
GLPI	=0.68.1
GLPI	=0.68.2
GLPI	=0.68.3
GLPI	=0.70
GLPI	=0.70-rc1
GLPI	=0.70-rc2
GLPI	=0.70-rc3
GLPI	=0.70.1
GLPI	=0.70.2
GLPI	=0.71
GLPI	=0.71.1
GLPI	=0.71.1-rc1
GLPI	=0.71.1-rc2
GLPI	=0.71.1-rc3
GLPI	=0.71.2
GLPI	=0.71.3
GLPI	=0.71.4
GLPI	=0.71.5
GLPI	=0.71.6
GLPI	=0.72
GLPI	=0.72-rc1
GLPI	=0.72-rc2
GLPI	=0.72-rc3
GLPI	=0.72.1
GLPI	=0.72.2
GLPI	=0.72.3
GLPI	=0.72.4
GLPI	=0.78
GLPI	=0.78.1
GLPI	=0.78.2
GLPI	=0.78.3
GLPI	=0.78.4
GLPI	=0.78.5
GLPI	=0.80
GLPI	=0.80.1
GLPI	=0.80.2
GLPI	=0.80.3
GLPI	=0.80.4
GLPI	=0.80.5
GLPI	=0.80.6
GLPI	=0.80.7
GLPI	=0.80.61
GLPI	=0.83
GLPI	=0.83.1
GLPI	=0.83.2
GLPI	=0.83.3
GLPI	=0.83.4
GLPI	=0.83.5
GLPI	=0.83.6
GLPI	=0.83.7
GLPI	=0.83.8
GLPI	=0.83.31
	<=0.83.9
	=0.5
	=0.5-rc1
	=0.5-rc2
	=0.6
	=0.6-rc1
	=0.6-rc2
	=0.6-rc3
	=0.20
	=0.21
	=0.30
	=0.31
	=0.40
	=0.41
	=0.42
	=0.51
	=0.51a
	=0.65
	=0.65-rc1
	=0.65-rc2
	=0.68
	=0.68-rc1
	=0.68-rc2
	=0.68-rc3
	=0.68.1
	=0.68.2
	=0.68.3
	=0.70
	=0.70-rc1
	=0.70-rc2
	=0.70-rc3
	=0.70.1
	=0.70.2
	=0.71
	=0.71.1
	=0.71.1-rc1
	=0.71.1-rc2
	=0.71.1-rc3
	=0.71.2
	=0.71.3
	=0.71.4
	=0.71.5
	=0.71.6
	=0.72
	=0.72-rc1
	=0.72-rc2
	=0.72-rc3
	=0.72.1
	=0.72.2
	=0.72.3
	=0.72.4
	=0.78
	=0.78.1
	=0.78.2
	=0.78.3
	=0.78.4
	=0.78.5
	=0.80
	=0.80.1
	=0.80.2
	=0.80.3
	=0.80.4
	=0.80.5
	=0.80.6
	=0.80.7
	=0.80.61
	=0.83
	=0.83.1
	=0.83.2
	=0.83.3
	=0.83.4
	=0.83.5
	=0.83.6
	=0.83.7
	=0.83.8
	=0.83.31

Remedy

https://forge.indepnet.net/projects/glpi/repository/revisions/21169/diff

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-2225?
CVE-2013-2225 has a severity level classified as high due to its potential for serious exploitation.
How do I fix CVE-2013-2225?
To fix CVE-2013-2225, upgrade to GLPI version 0.83.9 or later where the vulnerability has been patched.
What versions of GLPI are affected by CVE-2013-2225?
CVE-2013-2225 affects GLPI versions 0.83.9 and earlier.
Can CVE-2013-2225 be exploited remotely?
Yes, CVE-2013-2225 allows remote attackers to exploit the vulnerability via specific parameters.
What impact does CVE-2013-2225 have on GLPI?
CVE-2013-2225 can lead to remote code execution through unserialization of arbitrary PHP objects.

agent/references
agent/type
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/severity
agent/remedy
agent/author
agent/description
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/last-modified-date
agent/source
agent/softwarecombine
agent/tags
agent/event
vendor/glpi-project
canonical/glpi
version/glpi/0.83.9
version/glpi/0.5
version/glpi/0.5-rc1
version/glpi/0.5-rc2
version/glpi/0.6
version/glpi/0.6-rc1
version/glpi/0.6-rc2
version/glpi/0.6-rc3
version/glpi/0.20
version/glpi/0.21
version/glpi/0.30
version/glpi/0.31
version/glpi/0.40
version/glpi/0.41
version/glpi/0.42
version/glpi/0.51
version/glpi/0.51a
version/glpi/0.65
version/glpi/0.65-rc1
version/glpi/0.65-rc2
version/glpi/0.68
version/glpi/0.68-rc1
version/glpi/0.68-rc2
version/glpi/0.68-rc3
version/glpi/0.68.1
version/glpi/0.68.2
version/glpi/0.68.3
version/glpi/0.70
version/glpi/0.70-rc1
version/glpi/0.70-rc2
version/glpi/0.70-rc3
version/glpi/0.70.1
version/glpi/0.70.2
version/glpi/0.71
version/glpi/0.71.1
version/glpi/0.71.1-rc1
version/glpi/0.71.1-rc2
version/glpi/0.71.1-rc3
version/glpi/0.71.2
version/glpi/0.71.3
version/glpi/0.71.4
version/glpi/0.71.5
version/glpi/0.71.6
version/glpi/0.72
version/glpi/0.72-rc1
version/glpi/0.72-rc2
version/glpi/0.72-rc3
version/glpi/0.72.1
version/glpi/0.72.2
version/glpi/0.72.3
version/glpi/0.72.4
version/glpi/0.78
version/glpi/0.78.1
version/glpi/0.78.2
version/glpi/0.78.3
version/glpi/0.78.4
version/glpi/0.78.5
version/glpi/0.80
version/glpi/0.80.1
version/glpi/0.80.2
version/glpi/0.80.3
version/glpi/0.80.4
version/glpi/0.80.5
version/glpi/0.80.6
version/glpi/0.80.7
version/glpi/0.80.61
version/glpi/0.83
version/glpi/0.83.1
version/glpi/0.83.2
version/glpi/0.83.3
version/glpi/0.83.4
version/glpi/0.83.5
version/glpi/0.83.6
version/glpi/0.83.7
version/glpi/0.83.8
version/glpi/0.83.31