Joomla! JCE Component 'file.php' Arbitrary File Upload Vulnerability
BID:51002
Info
Joomla! JCE Component 'file.php' Arbitrary File Upload Vulnerability
| Bugtraq ID: | 51002 |
| Class: | Input Validation Error |
| CVE: |
CVE-2012-2902 |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 09 2011 12:00AM |
| Updated: | Aug 21 2012 09:40AM |
| Credit: | Reported by the vendor. |
| Vulnerable: |
Joomla JCE 2.0.21 Joomla JCE 2.0.19 Joomla JCE 2.0.17 Joomla JCE 2.0.18 Joomla JCE 2.0.10 |
| Not Vulnerable: |
Joomla JCE 2.1 |
Discussion
Joomla! JCE Component 'file.php' Arbitrary File Upload Vulnerability
The JCE component for Joomla! is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to adequately sanitize user-supplied input.
An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.
Versions prior to JCE component 2.1.0 are vulnerable.
The JCE component for Joomla! is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to adequately sanitize user-supplied input.
An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.
Versions prior to JCE component 2.1.0 are vulnerable.
Exploit / POC
Joomla! JCE Component 'file.php' Arbitrary File Upload Vulnerability
Attackers can exploit this issue with a browser.
Attackers can exploit this issue with a browser.
Solution / Fix
Joomla! JCE Component 'file.php' Arbitrary File Upload Vulnerability
Solution:
Updates are available. Please see the reference for more details.
Solution:
Updates are available. Please see the reference for more details.
References
Joomla! JCE Component 'file.php' Arbitrary File Upload Vulnerability
References:
References:
- Joomla! Homepage (Joomla )
- JCE 2.0.18 released (JCE)