CVE-2011-5134 - OpenCVE

Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the JCE component before 2.0.18 for Joomla! allows remote authenticated users with the author privileges to execute arbitrary PHP code by uploading a file with a double extension, as demonstrated by .php.gif. NOTE: some of these details are obtained from third party information.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:S/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Joomla	Joomla\!
Widgetfactorylimited	Com Jce

Configuration 1 [-]

AND

OR	cpe:2.3:a:widgetfactorylimited:com_jce::::::::
	cpe:2.3:a:widgetfactorylimited:com_jce:2.0.0:::::::*
	cpe:2.3:a:widgetfactorylimited:com_jce:2.0.1:::::::*
	cpe:2.3:a:widgetfactorylimited:com_jce:2.0.2:::::::*
	cpe:2.3:a:widgetfactorylimited:com_jce:2.0.3:::::::*
	cpe:2.3:a:widgetfactorylimited:com_jce:2.0.4:::::::*
	cpe:2.3:a:widgetfactorylimited:com_jce:2.0.5:::::::*
	cpe:2.3:a:widgetfactorylimited:com_jce:2.0.6:::::::*
	cpe:2.3:a:widgetfactorylimited:com_jce:2.0.7:::::::*
	cpe:2.3:a:widgetfactorylimited:com_jce:2.0.8:::::::*
	cpe:2.3:a:widgetfactorylimited:com_jce:2.0.9:::::::*
	cpe:2.3:a:widgetfactorylimited:com_jce:2.0.10:::::::*
	cpe:2.3:a:widgetfactorylimited:com_jce:2.0.11:::::::*
	cpe:2.3:a:widgetfactorylimited:com_jce:2.0.12:::::::*
	cpe:2.3:a:widgetfactorylimited:com_jce:2.0.13:::::::*
	cpe:2.3:a:widgetfactorylimited:com_jce:2.0.14:::::::*
	cpe:2.3:a:widgetfactorylimited:com_jce:2.0.15:::::::*
	cpe:2.3:a:widgetfactorylimited:com_jce:2.0.16:::::::*

cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*

References

Link	Resource
http://secunia.com/advisories/47190	Vendor Advisory
http://www.joomlacontenteditor.net/news/item/jce-2018-released?category_id=32
http://www.osvdb.org/77579

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:15:12

Updated: 2022-10-03T16:15:12

Reserved: 2022-10-03T00:00:00

Link: CVE-2011-5134

JSON object: View

NVD Information

Status : Analyzed

Published: 2012-08-30T22:55:04.387

Modified: 2012-09-13T04:00:00.000

Link: CVE-2011-5134

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the JCE component before 2.0.18 for Joomla! allows remote authenticated users with the author privileges to execute arbitrary PHP code by uploading a file with a double extension, as demonstrated by .php.gif. NOTE: some of these details are obtained from third party information."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-10-03T16:15:12", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.joomlacontenteditor.net/news/item/jce-2018-released?category_id=32"}, {"name": "47190", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/47190"}, {"name": "77579", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/77579"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-5134", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the JCE component before 2.0.18 for Joomla! allows remote authenticated users with the author privileges to execute arbitrary PHP code by uploading a file with a double extension, as demonstrated by .php.gif. NOTE: some of these details are obtained from third party information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.joomlacontenteditor.net/news/item/jce-2018-released?category_id=32", "refsource": "CONFIRM", "url": "http://www.joomlacontenteditor.net/news/item/jce-2018-released?category_id=32"}, {"name": "47190", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/47190"}, {"name": "77579", "refsource": "OSVDB", "url": "http://www.osvdb.org/77579"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-5134", "datePublished": "2022-10-03T16:15:12", "dateReserved": "2022-10-03T00:00:00", "dateUpdated": "2022-10-03T16:15:12", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:widgetfactorylimited:com_jce:*:*:*:*:*:*:*:*", "matchCriteriaId": "A651EF3B-CB12-4E10-818F-8F87BAD54EAC", "versionEndIncluding": "2.0.17", "vulnerable": true}, {"criteria": "cpe:2.3:a:widgetfactorylimited:com_jce:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "0C71C2C9-8214-4DD5-8879-B2F94F23805A", "vulnerable": true}, {"criteria": "cpe:2.3:a:widgetfactorylimited:com_jce:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B3DE9FE2-4D6A-4B31-B412-7BC16A484D8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:widgetfactorylimited:com_jce:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F9A5EFD1-777A-41C9-A9F3-9C0F1F1820DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:widgetfactorylimited:com_jce:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "EC3B2E1C-1A8B-44F2-8F43-7B61A3B06984", "vulnerable": true}, {"criteria": "cpe:2.3:a:widgetfactorylimited:com_jce:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "DA074968-E6BA-496E-B62E-E024EA29C218", "vulnerable": true}, {"criteria": "cpe:2.3:a:widgetfactorylimited:com_jce:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "23DE201C-B5FC-4F3F-8DF4-9BCAC579696E", "vulnerable": true}, {"criteria": "cpe:2.3:a:widgetfactorylimited:com_jce:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "C4BE2B3F-B88F-4317-A781-74DD66EAD5D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:widgetfactorylimited:com_jce:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "DA60084E-B1B4-4605-9B86-9CC0FA130F15", "vulnerable": true}, {"criteria": "cpe:2.3:a:widgetfactorylimited:com_jce:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "30C4CA18-EA6E-434F-BEE7-C303E599BD81", "vulnerable": true}, {"criteria": "cpe:2.3:a:widgetfactorylimited:com_jce:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "811B6AAE-3824-4886-AD26-82134ED60253", "vulnerable": true}, {"criteria": "cpe:2.3:a:widgetfactorylimited:com_jce:2.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "A4006996-0276-40F5-967B-03E72E9EE69E", "vulnerable": true}, {"criteria": "cpe:2.3:a:widgetfactorylimited:com_jce:2.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "AD2E58A4-24C2-4575-BCD7-46844FDF8DAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:widgetfactorylimited:com_jce:2.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "AE3FD90D-127F-456A-9CFE-3A0FDE207745", "vulnerable": true}, {"criteria": "cpe:2.3:a:widgetfactorylimited:com_jce:2.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "4B718D58-8D25-45EB-8711-ED4D8CB2CB6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:widgetfactorylimited:com_jce:2.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "EEFC390D-CC64-4FCC-9DAE-96012EA581FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:widgetfactorylimited:com_jce:2.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "F9FB7809-03A1-4326-9E76-A3DA618A2879", "vulnerable": true}, {"criteria": "cpe:2.3:a:widgetfactorylimited:com_jce:2.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "E3AFD7BC-75A2-4F6D-ADAB-A3793668A29F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*", "matchCriteriaId": "2AC7400C-F6AF-4B5E-A34B-0222F94DCC46", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the JCE component before 2.0.18 for Joomla! allows remote authenticated users with the author privileges to execute arbitrary PHP code by uploading a file with a double extension, as demonstrated by .php.gif. NOTE: some of these details are obtained from third party information."}, {"lang": "es", "value": "Vulnerabilidad de carga de ficheros no restringida en editor/extensions/browser/file.php en el componente JCE anterior a v2.0.18 para Joomla! permite a usuarios remotos autenticados con privilegios de autor ejecutar c\u00f3digo arbitrario PHP a trav\u00e9s de la carga de un fichero con una extensi\u00f3n doble, como se demuestra con .php.gif. NOTA: algunos de los detalles son obtenidos de informaci\u00f3n proporcionada por terceros."}], "evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/434.html\r\n\r\n'Unrestricted File Upload Vulnerability'\r\n", "id": "CVE-2011-5134", "lastModified": "2012-09-13T04:00:00.000", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-08-30T22:55:04.387", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47190"}, {"source": "cve@mitre.org", "url": "http://www.joomlacontenteditor.net/news/item/jce-2018-released?category_id=32"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/77579"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}