CVE-2013-5576 Information
Description
administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before 3.1.5 allows remote authenticated users or remote attackers to bypass intended access restrictions and upload files with dangerous extensions via a filename with a trailing . (dot), as exploited in the wild in August 2013.
Reference
http://developer.joomla.org/security/563-20130801-core-unauthorised-uploads.html
http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=31626
http://seclists.org/oss-sec/2013/q3/484
http://seclists.org/oss-sec/2013/q3/486
http://www.cso.com.au/article/523528/joomla_patches_file_manager_vulnerability_responsible_hijacked_websites/
http://www.exploit-db.com/exploits/27610
http://www.kb.cert.org/vuls/id/639620
https://github.com/joomla/joomla-cms/commit/1ed07e257a2c0794ba19e864f7c5101e7e8c41d2
https://github.com/joomla/joomla-cms/commit/fa5645208eefd70f521cd2e4d53d5378622133d8