Joomla! JCE Component Plugins Directory Traversal Vulnerability


Description   A vulnerability has been reported in the Image Manager Extended and Template Manager plugins for the Joomla! component JCE, which can be exploited by malicious users to disclose system information and manipulate certain data.
Certain input is not properly verified before being used to access files. This can be exploited to view and manipulate files and folders outside of the application root.
This is related to:
SA45849
The vulnerability is reported in the Image Manager Extended plugin prior to versions 1.5.7.8 and 2.0.4 and the Template Manager plugin prior to version 1.5.5.2 and 2.0.3.
     
Vulnerable Products   Vulnerable Software:
Image Manager Extended (Plugin for Joomla! component JCE 1.x)Image Manager Extended (Plugin for Joomla! component JCE 2.x)Template Manager (Plugin for Joomla! component JCE 1.x)Template Manager (Plugin for Joomla! component JCE 2.x)
     
Solution   Update to Image Manager Extended plugin versions 1.5.7.8 and 2.0.4 and Template Manager plugin versions 1.5.5.2 and 2.0.3.
     
CVE  
     
References   http://www.joomlacontenteditor.net/news/item/jce-2011-released
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm Available Since
Misc : Directory traversal - parameter starting with ../
3.2.0
Directory traversal using ..\..
3.2.0
Directory traversal
3.2.0
Directory traversal backward root folder
3.2.0
     


 
 
 
 
 Risk level 
Low 

 Vulnerability First Public Report Date 
2011-09-01 

 Target Type 
Server 

 Possible exploit 
Remote