Tuesday, January 3, 2017

Multiple vulnerabilities in Joomla - exploited by remote attacker

Severity Rating: HIGH

Software Affected
• Joomla CMS versions 1.6.0 through 3.6.4

Overview
Multiple vulnerabilities have been reported in Joomla, which could be
exploited by a remote attacker to obtain sensitive information and execute
arbitrary code on the targeted system.

Description
1. Privilege Escalation Vulnerability (CVE-2016-9838)

This vulnerability exists in components/com_users/models/registration.php
due to incorrect filtering of registration form data stored to the session
on a validation error. Successful exploitation of this vulnerability could
allow an attacker to gain access to a registered user's account and reset
the username and password.

2. Arbitrary File Upload Vulnerability (CVE-2016-9836)

This vulnerability exists due to an inadequate filesystem check mechanism in
JFilterInput::isFileSafe(), which does not consider other substitute PHP
file extensions when checking uploaded files for PHP content. Successful
exploitation of this vulnerability could allow an attacker to upload and
execute arbitrary files with the extensions ".php6", ".php7", ".phtml", and
".phpt" on the affected computer, which may result in arbitrary code
execution.

3. Information Disclosure Vulnerability (CVE-2016-9837)

This vulnerability exists due to inadequate ACL checks in the Beez3 layout
override of the com_content article. Successful exploitation of this
vulnerability could allow an attacker to gain access to sensitive
information that may aid in further attacks.
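
For item 2 (CVE-2016-9836), the following audit sketch is an added example, not part of the advisory and not Joomla code: it walks an upload directory and lists files that carry one of the alternative PHP extensions named above, or that contain a PHP open tag under any other name. The function names, the 64 KiB read limit and the sample tree are assumptions constructed for illustration.

```python
import os
import tempfile

# Alternative PHP extensions named in the advisory for CVE-2016-9836.
ADVISORY_EXTENSIONS = {"php6", "php7", "phtml", "phpt"}
PHP_OPEN_TAG = b"<?php"

def suspect_reason(path, extensions=ADVISORY_EXTENSIONS):
    """Return why a file looks like executable PHP, or None if it does not."""
    # Compare every dot-separated segment, case-insensitively (a.PHTML, a.php7.bak).
    segments = os.path.basename(path).lower().split(".")[1:]
    hits = sorted(extensions.intersection(segments))
    if hits:
        return "extension ." + hits[0]
    # Content check (assumed limit): PHP open tag within the first 64 KiB.
    with open(path, "rb") as handle:
        if PHP_OPEN_TAG in handle.read(65536).lower():
            return "contains PHP open tag"
    return None

def audit_upload_dir(root):
    """Walk root and return sorted (relative_path, reason) pairs to review."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            reason = suspect_reason(full)
            if reason:
                findings.append((os.path.relpath(full, root), reason))
    return sorted(findings)

def build_sample_tree(root):
    """Write constructed sample files standing in for an upload directory."""
    samples = {
        "banner.jpg": b"\xff\xd8\xff\xe0 constructed jpeg bytes",
        "gallery/thumb.PHTML": b"<html></html>",
        "gallery/avatar.png": b"\x89PNG <?php echo 1; ?>",
        "tmp/report.php7": b"<?php echo 1;",
    }
    for rel, data in samples.items():
        target = os.path.join(root, rel)
        os.makedirs(os.path.dirname(target), exist_ok=True)
        with open(target, "wb") as handle:
            handle.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for rel, reason in audit_upload_dir(tmp):
            print(rel, "->", reason)
```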

Solution
Upgrade to latest version as mentioned in:

Vendor Information
Joomla

References
Joomla
Security focus

CVE Name
CVE-2016-9838
CVE-2016-9836
CVE-2016-9837

Note: Please do not reply to this e-mail. For further queries contact
CERT-In Information Desk. Email: info@cert-in.org.in

