Lucene search
MitreCVE-2013-3242HistoryMay 03, 2013 - 11:57 a.m.
CVE-2013-3242
2013-05-0311:57:46
CWE-20
mitre
web.nvd.nist.gov
34
joomla
security
vulnerability
cve-2013-3242
php object injection
nvd
CVSS2
5.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
AI Score
6.5
Confidence
Low
EPSS
0.021
Percentile
89.4%
plugins/system/remember/remember.php in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 does not properly handle an object obtained by unserializing a cookie, which allows remote authenticated users to conduct PHP object injection attacks and cause a denial of service via unspecified vectors.
Affected configurations
Node
joomlajoomla\!Match3.0.0
ORjoomlajoomla\!Match3.0.1
ORjoomlajoomla\!Match3.0.2
ORjoomlajoomla\!Match3.0.3
Node
joomlajoomla\!Match2.5.0
ORjoomlajoomla\!Match2.5.1
ORjoomlajoomla\!Match2.5.2
ORjoomlajoomla\!Match2.5.3
ORjoomlajoomla\!Match2.5.4
ORjoomlajoomla\!Match2.5.5
ORjoomlajoomla\!Match2.5.6
ORjoomlajoomla\!Match2.5.7
ORjoomlajoomla\!Match2.5.8
ORjoomlajoomla\!Match2.5.9
| Vendor | Product | Version | CPE |
|---|---|---|---|
| joomla | joomla\! | 3.0.0 | cpe:2.3:a:joomla:joomla\!:3.0.0:*:*:*:*:*:*:* |
| joomla | joomla\! | 3.0.1 | cpe:2.3:a:joomla:joomla\!:3.0.1:*:*:*:*:*:*:* |
| joomla | joomla\! | 3.0.2 | cpe:2.3:a:joomla:joomla\!:3.0.2:*:*:*:*:*:*:* |
| joomla | joomla\! | 3.0.3 | cpe:2.3:a:joomla:joomla\!:3.0.3:*:*:*:*:*:*:* |
| joomla | joomla\! | 2.5.0 | cpe:2.3:a:joomla:joomla\!:2.5.0:*:*:*:*:*:*:* |
| joomla | joomla\! | 2.5.1 | cpe:2.3:a:joomla:joomla\!:2.5.1:*:*:*:*:*:*:* |
| joomla | joomla\! | 2.5.2 | cpe:2.3:a:joomla:joomla\!:2.5.2:*:*:*:*:*:*:* |
| joomla | joomla\! | 2.5.3 | cpe:2.3:a:joomla:joomla\!:2.5.3:*:*:*:*:*:*:* |
| joomla | joomla\! | 2.5.4 | cpe:2.3:a:joomla:joomla\!:2.5.4:*:*:*:*:*:*:* |
| joomla | joomla\! | 2.5.5 | cpe:2.3:a:joomla:joomla\!:2.5.5:*:*:*:*:*:*:* |
Related
joomla
joomla
[20130406] - Core - DOS Vulnerability
2013-02-18 00:00:00
securityvulns
securityvulns
zdt
zdt
Joomla! 3.0.3 PHP Object Injection Vulnerability
2013-04-30 00:00:00
seebug
seebug
Joomla! <= 3.0.3 (remember.php) - PHP Object Injection Vulnerability
2014-07-01 00:00:00
prion
prion
Design/Logic Flaw
2013-05-03 11:57:00
exploitdb
exploitdb
Joomla! 3.0.3 - 'remember.php' PHP Object Injection
2013-04-26 00:00:00
packetstorm
packetstorm
Joomla! 3.0.3 PHP Object Injection
2013-04-29 00:00:00
cvelist
cvelist
CVE-2013-3242
2013-05-03 10:00:00
exploitpack
exploitpack
Joomla! 3.0.3 - remember.php PHP Object Injection
2013-04-26 00:00:00
nvd
nvd
CVE-2013-3242
2013-05-03 11:57:46
nessus
nessus
Joomla! 2.5.x < 2.5.10 / 3.0.x < 3.0.4 Multiple Vulnerabilities
2013-05-13 00:00:00
freebsd
freebsd
Joomla! -- XXS and DDoS vulnerabilities
2013-04-24 00:00:00
osv
osv
phpMyAdmin-4.6.5.2-1.1 on GA media
2024-06-15 00:00:00
CVSS2
5.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
AI Score
6.5
Confidence
Low
EPSS
0.021
Percentile
89.4%
Related for CVE-2013-3242