Five vulnerabilities in the content management system Joomla!

These flaws allows a remote user to elevate privileges on the system by exploiting SQL injection. One of vulnerabilities in Joomla! allows an attacker to gain administrator rights.

The developers of the popular content management system Joomla released a security update that fixes five vulnerabilities. One of flaws allows an attacker to remotely elevate privileges using the SQL-injection and obtain administrator rights on most web-sites running Joomla!.

The single remote, active privilege elevation vulnerability was discovered by Trustwave’s specialist Asaf Orpani and PerimeterX’s expert Netanel Rubin. In the Trustwave blog Orpani published details of the breach and said that the vulnerability can also affect the resources under the control of the platform VirtueMart, because it is based on a vulnerable version of the Joomla kernel module.

“Since the breach was discovered in the kernel module (which does not require add-ons), all web-sites based on Joomla 3.2 and later versions are vulnerable to attack. In this regard, all of the resources under the control of VirtueMart also be compromised, “- said the expert.

The other two vulnerabilities are fairly common mistakes of access control. Exploiting these vulnerabilities may allow remote attackers to reveal important data.

Five vulnerabilities in Joomla

Danger: High

Availability correction: Yes

The number of vulnerabilities: 5

CVE ID:

CVE-2015-7297

CVE-2015-7857

CVE-2015-7858

CVE-2015-7859

CVE-2015-7899

Vector of operation: Remote

Impact:

Disclosure of sensitive data

Privilege escalation

Affected Products: Joomla! 3.x

Affected versions: Joomla 3.0.0 through 3.4.4

Description:

The vulnerabilities allows a remote user to elevate privileges and disclose sensitive data.

[Critical SQL Injection: CVE-2015-7297, CVE-2015-7857, CVE-2015-7858] These vulnerabilities are caused due to insufficient input data processing in the application database. The remote user can via a specially crafted SQL-query to make arbitrary changes to the database.

[CVE-2015-7859, CVE-2015-7899] These vulnerabilities are caused due to insufficient input validation. The remote user can reveal important data.

Solution: Install the update from the manufacturer.

Manufacturer URL: http://joomla.org

Joomla! – Security Centre: http://developer.joomla.org/security-centre.html