CVE-2013-1453

plugins/system/highlight/highlight.php in Joomla! 3.0.x through 3.0.2 and 2.5.x through 2.5.8 allows attackers to unserialize arbitrary PHP objects to obtain sensitive information, delete arbitrary directories, conduct SQL injection attacks, and possibly have other impacts via the highlight parameter. Note: it was originally reported that this issue only allowed attackers to obtain sensitive information, but later analysis demonstrated that other attacks exist.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://developer.joomla.org/security/news/548-20130201-core-information-disclosure.html	Vendor Advisory
http://karmainsecurity.com/KIS-2013-03
http://karmainsecurity.com/analysis-of-the-joomla-php-object-injection-vulnerability	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/81925

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:joomla:joomla\!:3.0.1:::::::*
	cpe:2.3:a:joomla:joomla\!:3.0.2:::::::*
	cpe:2.3:a:joomla:joomla\!:2.5.6:::::::*
	cpe:2.3:a:joomla:joomla\!:2.5.7:::::::*
	cpe:2.3:a:joomla:joomla\!:2.5.0:::::::*
	cpe:2.3:a:joomla:joomla\!:2.5.1:::::::*
	cpe:2.3:a:joomla:joomla\!:2.5.8:::::::*
	cpe:2.3:a:joomla:joomla\!:3.0.0:::::::*
	cpe:2.3:a:joomla:joomla\!:2.5.4:::::::*
	cpe:2.3:a:joomla:joomla\!:2.5.5:::::::*
	cpe:2.3:a:joomla:joomla\!:2.5.2:::::::*
	cpe:2.3:a:joomla:joomla\!:2.5.3:::::::*

Information

Published : 2013-02-12 17:55

Updated : 2017-08-28 18:33

NVD link : CVE-2013-1453

Mitre link : CVE-2013-1453

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

joomla

joomla\!

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://developer.joomla.org/security/news/548-20130201-core-information-disclosure.html", "name": "http://developer.joomla.org/security/news/548-20130201-core-information-disclosure.html", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://karmainsecurity.com/KIS-2013-03", "name": "http://karmainsecurity.com/KIS-2013-03", "tags": [], "refsource": "MISC"}, {"url": "http://karmainsecurity.com/analysis-of-the-joomla-php-object-injection-vulnerability", "name": "http://karmainsecurity.com/analysis-of-the-joomla-php-object-injection-vulnerability", "tags": ["Exploit"], "refsource": "MISC"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81925", "name": "joomla-search-information-disclosure(81925)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "plugins/system/highlight/highlight.php in Joomla! 3.0.x through 3.0.2 and 2.5.x through 2.5.8 allows attackers to unserialize arbitrary PHP objects to obtain sensitive information, delete arbitrary directories, conduct SQL injection attacks, and possibly have other impacts via the highlight parameter. Note: it was originally reported that this issue only allowed attackers to obtain sensitive information, but later analysis demonstrated that other attacks exist."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2013-1453", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2013-02-13T01:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:joomla:joomla\\!:3.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:joomla:joomla\\!:3.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:joomla:joomla\\!:2.5.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:joomla:joomla\\!:2.5.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:joomla:joomla\\!:2.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:joomla:joomla\\!:2.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:joomla:joomla\\!:2.5.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:joomla:joomla\\!:3.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:joomla:joomla\\!:2.5.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:joomla:joomla\\!:2.5.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:joomla:joomla\\!:2.5.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:joomla:joomla\\!:2.5.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-29T01:33Z"}