Joomla Mosets Tree Component Image File Upload Security Issue

SECUNIA ADVISORY ID:
SA41429

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/41429/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=41429

RELEASE DATE:
2010-09-15
DESCRIPTION:
Jeff Channell has reported a security issue in the Mosets Tree
component for Joomla, which can be exploited by malicious users to
compromise a vulnerable system.

The security issue is caused due to the application improperly
validating uploaded image files when creating a listing. This can be
exploited to execute arbitrary PHP code by uploading e.g. a GIF file
with embedded PHP code and an appended ".php" file extension.

The security issue is reported in versions prior to 2.1.6.

SOLUTION:
Update to version 2.1.6.

PROVIDED AND/OR DISCOVERED BY:
Jeff Channell

ORIGINAL ADVISORY:
Jeff Channell:
http://jeffchannell.com/Joomla/joomla-component-mosets-tree-215-shell-upload-vulnerability.html

Mosets Tree:
http://forum.mosets.com/showthread.php?t=16601