Lucene search

FreeBSDCEC4D01A-7AC5-11E5-B35A-002590263BF5

HistorySep 30, 2014 - 12:00 a.m.

Joomla! -- Core - Remote File Execution/Denial of Service vulnerabilities

2014-09-3000:00:00

vuxml.freebsd.org

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.953

Percentile

99.4%

JSON

The JSST and the Joomla! Security Center report:

[20140903] - Core - Remote File Inclusion
Inadequate checking allowed the potential for remote files to be
executed.

[20140904] - Core - Denial of Service
Inadequate checking allowed the potential for a denial of service
attack.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchjoomla3< 3.2.6UNKNOWN
FreeBSDanynoarchjoomla2= 2.5.4UNKNOWN
FreeBSDanynoarchjoomla2< 2.5.26UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	joomla3	< 3.2.6	UNKNOWN
FreeBSD	any	noarch	joomla2	= 2.5.4	UNKNOWN
FreeBSD	any	noarch	joomla2	< 2.5.26	UNKNOWN

References

developer.joomla.org/security-centre/595-20140903-core-remote-file-inclusion.html

developer.joomla.org/security-centre/596-20140904-core-denial-of-service.html

www.joomla.org/announcements/release-news/5566-joomla-2-5-26-released.html

www.joomla.org/announcements/release-news/5567-joomla-3-3-5-released.html

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.953

Percentile

99.4%

JSON

Related for CEC4D01A-7AC5-11E5-B35A-002590263BF5