Joomla! Poll System mosmsg Variable Malformed HTML Tag DoS
2006-02-26T09:47:34
ID: OSVDB:23816
Type: osvdb
Reporter: Foster (ghc@ghc.ru)
Modified: 2006-02-26T09:47:34
Description
Vulnerability Description
Joomla! contains a flaw that may allow a remote denial of service. The issue is triggered when a remote attacker provides malformed HTML tags to the 'mosmsg' variable in the poll system. Due to an error in the anti cross site scripting (XSS) code in includes/phpInputFilter/class.inputfilter.php, such a request will cause a denial of service and may result in loss of availability for the system.
Solution Description
Upgrade to version 1.0.8 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
Manual Testing Notes
/index.php?option=com_poll&task=results&id=14&mosmsg=DOS@HERE<<>AAA<><>
Affected Software
Joomla! 1.0.7
CVSS
Score: 4.3
Vector: AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/
Vulners score: 5.1
References
Vendor URL: http://www.joomla.org/
Vendor Specific News/Changelog Entry: http://www.joomla.org/content/view/938/78/
Secunia Advisory ID: 19105 (https://secuniaresearch.flexerasoftware.com/advisories/19105/)
Related OSVDB ID: 23815 (https://vulners.com/osvdb/OSVDB:23815)
Related OSVDB ID: 23817 (https://vulners.com/osvdb/OSVDB:23817)
Related OSVDB ID: 23821 (https://vulners.com/osvdb/OSVDB:23821)
Related OSVDB ID: 23818 (https://vulners.com/osvdb/OSVDB:23818)
Related OSVDB ID: 23819 (https://vulners.com/osvdb/OSVDB:23819)
Related OSVDB ID: 23820 (https://vulners.com/osvdb/OSVDB:23820)
Related OSVDB ID: 23822 (https://vulners.com/osvdb/OSVDB:23822)
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-02/0601.html
FrSIRT Advisory: ADV-2006-0818
CVE-2006-1029 (https://vulners.com/cve/CVE-2006-1029)
Record
Source: https://vulners.com/osvdb/OSVDB:23816
Published: 2006-02-26T09:47:34
Last seen: 2017-04-28T13:20:20
Related CVE
CVE-2006-1029
Published: 2006-03-07T00:02:00
Modified: 2018-10-18T16:30:00
Last seen: 2021-02-02T05:27:18
Description: The cross-site scripting (XSS) countermeasures in class.inputfilter.php in Joomla! 1.0.7 allow remote attackers to cause a denial of service via a crafted mosmsg parameter to index.php with a malformed sequence of multiple tags, as demonstrated using "<<>AAA<><>", possibly due to nested or empty tags.
CWE: NVD-CWE-Other
CVSS v2: 4.3 (MEDIUM), vector AV:N/AC:M/Au:N/C:N/I:N/A:P, exploitability score 8.6, impact score 2.9
CPE: cpe:/a:joomla:joomla:1.0.7
CPE 2.3: cpe:2.3:a:joomla:joomla:1.0.7:*:*:*:*:*:*:*
URL: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-1029