Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:JOOMLA-CMS-ACE |
|---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Joomla! HTTP User Agent Object Injection |
Release Date |
2016/05/12 |
Update Number |
2719 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Joomla! HTTP User Agent Object Injection
An object injection vulnerability has been reported in Joomla! CMS. Successful exploitation allows the attacker to execute arbitrary code under the security context of Web server.
Extended Description
Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 allow remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the HTTP User-Agent header, as exploited in the wild in December 2015.
Affected Products
- Joomla joomla! 1.5.0
- Joomla joomla! 1.5.1
- Joomla joomla! 1.5.10
- Joomla joomla! 1.5.11
- Joomla joomla! 1.5.12
- Joomla joomla! 1.5.13
- Joomla joomla! 1.5.14
- Joomla joomla! 1.5.15
- Joomla joomla! 1.5.16
- Joomla joomla! 1.5.17
- Joomla joomla! 1.5.18
- Joomla joomla! 1.5.19
- Joomla joomla! 1.5.2
- Joomla joomla! 1.5.20
- Joomla joomla! 1.5.21
- Joomla joomla! 1.5.22
- Joomla joomla! 1.5.23
- Joomla joomla! 1.5.24
- Joomla joomla! 1.5.25
- Joomla joomla! 1.5.26
- Joomla joomla! 1.5.3
- Joomla joomla! 1.5.4
- Joomla joomla! 1.5.6
- Joomla joomla! 1.5.7
- Joomla joomla! 1.5.8
- Joomla joomla! 1.5.9
- Joomla joomla! 1.6.0
- Joomla joomla! 1.6.1
- Joomla joomla! 1.6.2
- Joomla joomla! 1.6.3
- Joomla joomla! 1.6.4
- Joomla joomla! 1.6.5
- Joomla joomla! 1.6.6
- Joomla joomla! 1.7.0
- Joomla joomla! 1.7.1
- Joomla joomla! 1.7.2
- Joomla joomla! 1.7.3
- Joomla joomla! 1.7.4
- Joomla joomla! 1.7.5
- Joomla joomla! 2.5.0
- Joomla joomla! 2.5.1
- Joomla joomla! 2.5.10
- Joomla joomla! 2.5.11
- Joomla joomla! 2.5.12
- Joomla joomla! 2.5.13
- Joomla joomla! 2.5.14
- Joomla joomla! 2.5.15
- Joomla joomla! 2.5.16
- Joomla joomla! 2.5.17
- Joomla joomla! 2.5.18
- Joomla joomla! 2.5.19
- Joomla joomla! 2.5.2
- Joomla joomla! 2.5.20
- Joomla joomla! 2.5.21
- Joomla joomla! 2.5.22
- Joomla joomla! 2.5.23
- Joomla joomla! 2.5.24
- Joomla joomla! 2.5.25
- Joomla joomla! 2.5.26
- Joomla joomla! 2.5.27
- Joomla joomla! 2.5.28
- Joomla joomla! 2.5.3
- Joomla joomla! 2.5.4
- Joomla joomla! 2.5.5
- Joomla joomla! 2.5.6
- Joomla joomla! 2.5.7
- Joomla joomla! 2.5.8
- Joomla joomla! 2.5.9
- Joomla joomla! 3.0.0
- Joomla joomla! 3.0.1
- Joomla joomla! 3.0.2
- Joomla joomla! 3.0.3
- Joomla joomla! 3.1.0
- Joomla joomla! 3.1.1
- Joomla joomla! 3.1.2
- Joomla joomla! 3.1.3
- Joomla joomla! 3.1.4
- Joomla joomla! 3.1.5
- Joomla joomla! 3.1.6
- Joomla joomla! 3.2.0
- Joomla joomla! 3.2.1
- Joomla joomla! 3.2.2
- Joomla joomla! 3.2.3
- Joomla joomla! 3.2.4
- Joomla joomla! 3.3.0
- Joomla joomla! 3.3.1
- Joomla joomla! 3.3.2
- Joomla joomla! 3.3.3
- Joomla joomla! 3.3.4
- Joomla joomla! 3.4.0
- Joomla joomla! 3.4.1
- Joomla joomla! 3.4.2
- Joomla joomla! 3.4.3
- Joomla joomla! 3.4.4
- Joomla joomla! 3.4.5
References
- CVE: CVE-2015-8562
- URL: https://blog.sucuri.net/2015/12/joomla-remote-code-execution-the-details.html
- URL: https://blog.sucuri.net/2015/12/remote-command-execution-vulnerability-in-joomla.html
- URL: https://developer.joomla.org/security-centre/630-20151214-core-remote-code-execution-vulnerability.html
- URL: https://blog.patrolserver.com/2015/12/17/in-depth-analyses-of-the-joomla-0-day-user-agent-exploit/
- URL: https://translate.google.com/translate?hl=en&sl=auto&tl=en&u=http%3A%2F%2Fdrops.wooyun.org%2Fpapers%2F11330
- URL: https://translate.google.com/translate?hl=en&sl=auto&tl=en&u=http%3A%2F%2Fwww.freebuf.com%2Fvuls%2F89754.html
- URL: https://bugs.php.net/bug.php?id=70219