Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4804

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-4804
Last Modified 10 Feb 2012 12:00:00
Published 13 Dec 2011 07:55:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-4804

Summary

Directory traversal vulnerability in the obSuggest (com_obsuggest) component before 1.8 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.

Vulnerable Systems

Application

  • Foobla Com Obsuggest 1.5.0.1

  • Foobla Com Obsuggest 1.5.1.1.20090922

  • Foobla Com Obsuggest 1.5.1.2

  • Foobla Com Obsuggest 1.5.1.4

  • Foobla Com Obsuggest 1.5.1.5

  • Foobla Com Obsuggest 1.5.1.6

  • Foobla Com Obsuggest 1.5.1.7

  • Foobla Com Obsuggest 1.6.1

  • Foobla Com Obsuggest 1.6.4


References

BID - 48944

SECUNIA - 46844

CONFIRM - http://foobla.com/news/latest/obsuggest-1.8-security-release.html


Last Updated: 27 May 2016 10:57:54