Joomla Core Multiple Vulnerabilities Fixed by 3.4.6


Description   Several vulnerabilities have been identified in Joomla CMS:
- CVE-2015-8562: remote code execution due to improper filtering of browser information when saving session values into the database
- CVE-2015-8565: directory traversal due to improper sanitization of input data from the XML install file located within an extension's package archive
- CVE-2015-8564: directory traversal due to inadequate filtering of request data
- CVE-2015-8563: com_templates not hardened enough against cross-site request forgery attacks

The CVE-2015-8562 vulnerability is currently exploited in the wild.
Updated, 15/12/2015:
A proof of concept exists for the CVE-2015-8562 vulnerability.
Updated, 17/12/2015:
joomla3 packages provided by FreeBSD are vulnerable.
Updated, 31/12/2015:
Exploitation code for the CVE-2015-8562 vulnerability is available.

Vulnerable Products   Vulnerable OS:
FreeBSD (FreeBSD) - All
Vulnerable Software:
Joomla (OSM Development Team) - 1.5, 1.5.1, 1.5.10, 1.5.11, 1.5.12, ..., 3.4.1, 3.4.2, 3.4.3, 3.4.4, 3.4.5
     
Solution   Version 3.4.6 of Joomla CMS fixes these vulnerabilities.
     
CVE   CVE-2015-8565
CVE-2015-8564
CVE-2015-8563
CVE-2015-8562
     
References   - Joomla [20151203]: Core - Directory Traversal
https://developer.joomla.org/security-centre/634-20151214-core-directory-traversal.html
- Joomla [20151202]: Core - CSRF Hardening
https://developer.joomla.org/security-centre/633-20151214-core-csrf-hardening.html
- Joomla [20151201]: Core - Remote Code Execution Vulnerability
https://developer.joomla.org/security-centre/630-20151214-core-remote-code-execution-vulnerability.html
- Joomla [20151204]: Core - Directory Traversal
https://developer.joomla.org/security-centre/635-20151214-core-directory-traversal-2.html
- FreeBSD: joomla -- multiple vulnerabilities
http://www.vuxml.org/freebsd/a9f60ce8-a4e0-11e5-b864-14dae9d210b8.html
     
Vulnerability Manager Detection   No
     
IPS Protection   ASQ Engine alarm (available since version):
- Misc : Directory traversal - parameter starting with ../ (3.2.0)
- Directory traversal using ..\.. (3.2.0)
- Directory traversal (3.2.0)
- Directory traversal backward root folder (3.2.0)
- Joomla Core - Remote Code Execution Vulnerability (5.0.0)
     
Risk level   High

Vulnerability First Public Report Date   2015-12-14

Target Type   Server

Possible exploit   Remote