Vulnerability Description
Joomla! before 1.5 RC4 allows remote authenticated administrators to promote arbitrary users to the administrator group, in violation of the intended security model.
CVSS Score
6.5
MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Joomla | Joomla | 1.5rc4 |
Related Weaknesses (CWE)
References
- http://osvdb.org/43277
- http://secunia.com/advisories/29257
- http://securitytracker.com/id?1019145
- http://www.joomla.org/content/view/4335/116/
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:060
- http://www.securityfocus.com/bid/28111
- http://osvdb.org/43277
- http://secunia.com/advisories/29257
- http://securitytracker.com/id?1019145
- http://www.joomla.org/content/view/4335/116/
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:060
- http://www.securityfocus.com/bid/28111
FAQ
What is CVE-2007-6644?
CVE-2007-6644 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Joomla! before 1.5 RC4 allows remote authenticated administrators to promote arbitrary users to the administrator group, in violation of the intended security model.
How severe is CVE-2007-6644?
CVE-2007-6644 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-6644?
Check the references section above for vendor advisories and patch information. Affected products include: Joomla Joomla.