Joomla! Core Bugs Let Remote Users Bypass Access Controls and Inject SQL Commands
SecurityTracker Alert ID: 1033950
SecurityTracker URL: http://securitytracker.com/id/1033950
CVE Reference:
CVE-2015-7297, CVE-2015-7857, CVE-2015-7858, CVE-2015-7859, CVE-2015-7899
Date: Oct 23 2015
Impact:
Disclosure of system information, Disclosure of user information, User access via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): 3.0.0 - 3.4.4
Description:
Multiple vulnerabilities were reported in Joomla!. A remote user can access data on the target system. A remote user can inject SQL commands.
The software does not properly validate user-supplied input [CVE-2015-7297, CVE-2015-7857, CVE-2015-7858]. A remote user can supply specially crafted request data to execute SQL commands on the underlying database. Versions 3.2.0 through 3.4.4 are affected.
Asaf Orpani of Trustwave and Netanel Rubin at PerimeterX reported this vulnerability.
A remote user can bypass access control list checks in 'com_contenthistory' to gain read access to data on the target system [CVE-2015-7859]. Versions 3.2.0 through 3.4.4 are affected.
A remote user can bypass access control list checks in 'com_content' to gain read access to data on the target system [CVE-2015-7899].
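As an added example (not Joomla's code and not taken from the advisory), the pattern behind an "input validation error" leading to SQL injection: a listing function that interpolates untrusted request values into SQL text, beside a hardened version that checks identifiers against a whitelist and binds values as parameters. The content table, its rows, and the function names are constructed for illustration only.

```python
import sqlite3

# Constructed sample table standing in for any CMS content table.
SAMPLE_ROWS = [
    (1, "Welcome", "published"),
    (2, "Draft notes", "unpublished"),
]

# Identifiers a caller may sort by. They cannot be bound as parameters,
# so they are checked against a fixed whitelist before reaching the SQL.
ALLOWED_COLUMNS = {"id", "title", "state"}


def make_db():
    """Create an in-memory database seeded with the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE content (id INTEGER, title TEXT, state TEXT)")
    conn.executemany("INSERT INTO content VALUES (?, ?, ?)", SAMPLE_ROWS)
    return conn


def unsafe_list(conn, order_by, state):
    """Vulnerable pattern: request values are pasted into the SQL string.

    A 'state' value containing a quote changes the WHERE clause, and an
    'order_by' value is executed verbatim as part of the statement.
    """
    sql = (
        f"SELECT id, title FROM content WHERE state = '{state}' "
        f"ORDER BY {order_by}"
    )
    return conn.execute(sql).fetchall()


def safe_list(conn, order_by, state):
    """Hardened pattern: whitelist identifiers, bind values.

    Raises ValueError for a sort column that is not in the whitelist;
    the state filter is passed as a bound parameter, so its content is
    treated as data regardless of any quotes or keywords it contains.
    """
    if order_by not in ALLOWED_COLUMNS:
        raise ValueError(f"unsupported sort column: {order_by!r}")
    sql = f"SELECT id, title FROM content WHERE state = ? ORDER BY {order_by}"
    return conn.execute(sql, (state,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    crafted_state = "' OR '1'='1"
    print("unsafe:", unsafe_list(db, "id", crafted_state))   # leaks both rows
    print("safe:  ", safe_list(db, "id", crafted_state))     # matches nothing
```

The usage at the bottom runs the same crafted filter value through both functions: the interpolated query returns every row, while the bound query looks for a state literally equal to that string and returns nothing. A non-whitelisted sort column is rejected before any SQL is built.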
Impact:
A remote user can obtain data on the target system.
A remote user can execute SQL commands on the underlying database.
Solution:
The vendor has issued a fix (3.4.5).
The vendor's advisory is available at:
http://developer.joomla.org/security-centre.html
Vendor URL: developer.joomla.org/security-centre.html
Cause:
Access control error, Input validation error
Underlying OS: Linux (Any), UNIX (Any), Windows (Any)
Message History:
None.
Source Message Contents
[Original Message Not Available for Viewing]