Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2890

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-2890
Last Modified 10 Aug 2011 10:52:02
Published 27 Jul 2011 04:55:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-2890

Summary

The MediaViewMedia class in administrator/components/com_media/views/media/view.html.php in Joomla! 1.5.23 and earlier allows remote attackers to obtain sensitive information via vectors involving the base variable, leading to disclosure of the installation path, a different vulnerability than CVE-2011-2488.

Vulnerable Systems

Application

  • Joomla%21 1.5.0

  • Joomla%21 1.5.1

  • Joomla%21 1.5.10

  • Joomla%21 1.5.11

  • Joomla%21 1.5.12

  • Joomla%21 1.5.13

  • Joomla%21 1.5.14

  • Joomla%21 1.5.15

  • Joomla%21 1.5.16

  • Joomla%21 1.5.17

  • Joomla%21 1.5.18

  • Joomla%21 1.5.19

  • Joomla%21 1.5.2

  • Joomla%21 1.5.20

  • Joomla%21 1.5.21

  • Joomla%21 1.5.22

  • Joomla%21 1.5.23

  • Joomla%21 1.5.3

  • Joomla%21 1.5.4

  • Joomla%21 1.5.5

  • Joomla%21 1.5.6

  • Joomla%21 1.5.7

  • Joomla%21 1.5.8

  • Joomla%21 1.5.9


References

XF - joomla-view-path-disclosure(68882)

MLIST - [oss-security] 20110701 Re: CVE request: Joomla unspecified information disclosure vulnerability


Last Updated: 27 May 2016 10:57:12