Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6642

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2007-6642
Last Modified 15 Nov 2008 02:05:42
Published 03 Jan 2008 08:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-6642

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in Joomla! before 1.5 RC4 allow remote attackers to (1) add a Super Admin, (2) upload an extension containing arbitrary PHP code, and (3) modify the configuration as administrators via unspecified vectors.

Vulnerable Systems

Application

  • Joomla 1.5rc4


References

BUGTRAQ - 20071227 [HSC Security Group] Multiple CSRF in Joomla all versions - Complete compromise

MISC - http://www.joomla.org/content/view/4335/116/

SECTRACK - 1019145

OSVDB - 41263

BID - 28111

MANDRIVA - MDVSA-2008:060

SREASON - 3505

SECUNIA - 29257


Last Updated: 27 May 2016 10:46:35