Joomla User-Agent PHP object injection

2015-12-17T00:00:00
ID SAINT:1E0BFF3A5AC9A780E289B143FCC5F23A
Type saint
Reporter SAINT Corporation
Modified 2015-12-17T00:00:00

Description

Added: 12/17/2015
CVE: CVE-2015-8562
BID: 79195

Background

Joomla is a content management system written in PHP.

Problem

A vulnerability which occurs when Joomla saves browser session information could allow a remote, unauthenticated attacker to inject PHP objects via the User-Agent header, leading to arbitrary command execution.

Resolution

Upgrade to Joomla 3.4.6 or higher.

References

<https://developer.joomla.org/security-centre/630-20151214-core-remote-code-execution-vulnerability.html>
<https://blog.sucuri.net/2015/12/remote-command-execution-vulnerability-in-joomla.html>

Limitations

Exploit works on Joomla 3.4.5 running on Linux.

Platforms

Linux