CERTA-2009-AVI-263
Vulnerability from certfr_avis - Published: 2009-07-01 - Updated: 2009-07-01
Plusieurs vulnérabilités dans Joomla! permettent de réaliser des injections de code indirectes.
Description
De multiples vulnérabilités ont été découvertes dans Joomla! :
- la variable HTTP_REFERER n'est pas correctement traitée, ce qui permet de récupérer des cookies (20090604) ;
- la variable PHP_SELF n'est pas correctement filtrée, ce qui permet d'injecter du code javascript (20090605) ;
- plusieurs fichiers ne vérifient pas si la variable _JEXEC a été définie, ce qui provoque l'affichage du chemin d'installation de certains scripts (20090606).
Solution
Se référer aux bulletins de sécurité de l'éditeur (voir Documentation).
Joomla! versions 1.5.x antérieures à 1.5.12.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |
|---|---|---|---|
|
|
|||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003e\u003cSPAN class=\"textit\"\u003eJoomla!\u003c/SPAN\u003e versions 1.5.x ant\u00e9rieures \u00e0 1.5.12.\u003c/P\u003e",
"content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Joomla! :\n\n- la variable HTTP_REFERER n\u0027est pas correctement trait\u00e9e, ce qui\n permet de r\u00e9cup\u00e9rer des cookies (20090604) ;\n- la variable PHP_SELF n\u0027est pas correctement filtr\u00e9e, ce qui permet\n d\u0027injecter du code javascript (20090605) ;\n- plusieurs fichiers ne v\u00e9rifient pas si la variable \\_JEXEC a \u00e9t\u00e9\n d\u00e9finie, ce qui provoque l\u0027affichage du chemin d\u0027installation de\n certains scripts (20090606).\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 de l\u0027\u00e9diteur (voir Documentation).\n",
"cves": [],
"initial_release_date": "2009-07-01T00:00:00",
"last_revision_date": "2009-07-01T00:00:00",
"links": [
{
"title": "Bulletins de s\u00e9curit\u00e9 Joomla! 20090606 du 01 juillet 2009 :",
"url": "http://developer.joomla.org/security/news/300-20090606-core-missing-jexec-check.html"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 Joomla! 20090604 du 01 juillet 2009 :",
"url": "http://developer.joomla.org/security/news/298-20090604-core-frontend-xss-httpreferer-not-properly-filtered.html"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 Joomla! 20090605 du 01 juillet 2009 :",
"url": "http://developer.joomla.org/security/news/299-20090605-core-frontend-xss-phpself-not-properly-filtered.html"
}
],
"reference": "CERTA-2009-AVI-263",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2009-07-01T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s dans \u003cspan class=\"textit\"\u003eJoomla!\u003c/span\u003e\npermettent de r\u00e9aliser des injections de code indirectes.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Joomla!",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletins de s\u00e9curit\u00e9 Joomla! 20090604, 20090605 et 20090606 du 01 juillet 2009",
"url": null
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…