1. Home
  2. CVE Database
  3. CVE-2013-5576
MEDIUM · 6.8

CVE-2013-5576

administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before 3.1.5 allows remote authenticated users or remote attackers to bypass intended a...

Vulnerability Description

administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before 3.1.5 allows remote authenticated users or remote attackers to bypass intended access restrictions and upload files with dangerous extensions via a filename with a trailing . (dot), as exploited in the wild in August 2013.

CVSS Score

6.8

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
JoomlaJoomla\!2.5.0

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2013-5576?

CVE-2013-5576 is a vulnerability with a CVSS score of 6.8 (MEDIUM). administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before 3.1.5 allows remote authenticated users or remote attackers to bypass intended a...

How severe is CVE-2013-5576?

CVE-2013-5576 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-5576?

Check the references section above for vendor advisories and patch information. Affected products include: Joomla Joomla\!.