CVE-2012-1599

Published: Dec 3, 2012Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Joomla! 1.5.x before 1.5.26 does not properly check permissions, which allows attackers to obtain sensitive "administrative back end information" via unknown vectors. NOTE: this might be a duplicate of CVE-2012-1611.

Affected (27)

Products: Joomla: Joomla!

Joomla

1 product

Joomla!

Configuration A

27 vulnerable

Vulnerable Software	Affected Versions
Joomla Joomla!	Version 1.5.0
Joomla Joomla!	Version 1.5.10
Joomla Joomla!	Version 1.5.11
Joomla Joomla!	Version 1.5.12
Joomla Joomla!	Version 1.5.13
Joomla Joomla!	Version 1.5.14
Joomla Joomla!	Version 1.5.15
Joomla Joomla!	Version 1.5.15 rc
Joomla Joomla!	Version 1.5.16
Joomla Joomla!	Version 1.5.17
Joomla Joomla!	Version 1.5.18
Joomla Joomla!	Version 1.5.19
Joomla Joomla!	Version 1.5.1
Joomla Joomla!	Version 1.5.20
Joomla Joomla!	Version 1.5.21
Joomla Joomla!	Version 1.5.22
Joomla Joomla!	Version 1.5.23
Joomla Joomla!	Version 1.5.24
Joomla Joomla!	Version 1.5.25
Joomla Joomla!	Version 1.5.2
Joomla Joomla!	Version 1.5.3
Joomla Joomla!	Version 1.5.4
Joomla Joomla!	Version 1.5.5
Joomla Joomla!	Version 1.5.6
Joomla Joomla!	Version 1.5.7
Joomla Joomla!	Version 1.5.8
Joomla Joomla!	Version 1.5.9

Related CWEs

CWE-264

References (4)

http://developer.joomla.org/security/news/397-20120306-core-information-disclosure.html

Source: secalert@redhat.com

Vendor Advisory

http://www.openwall.com/lists/oss-security/2012/03/29/5

Source: secalert@redhat.com

http://developer.joomla.org/security/news/397-20120306-core-information-disclosure.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.openwall.com/lists/oss-security/2012/03/29/5

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.