oss-sec mailing list archives
CVE-request: Joomla! Security News 2012-02-03
From: Henri Salo <henri () nerv fi>
Date: Fri, 3 Feb 2012 15:25:02 +0200
And again few Joomla security issues without CVE. - Henri Salo ----- Forwarded message from Joomla! Developer Network - Security News <no_reply () joomla org> ----- Date: Fri, 03 Feb 2012 13:11:55 +0000 From: Joomla! Developer Network - Security News <no_reply () joomla org> To: henri () nerv fi Subject: Joomla! Security News Joomla! Developer Network - Security News /////////////////////////////////////////// [20120201] - Core - Information Disclosure Posted: 01 Feb 2012 09:25 PM PST http://feedproxy.google.com/~r/JoomlaSecurityNews/~3/PkBR45UJQxo/387-20120201-core-information-disclosure.html?utm_source=feedburner&utm_medium=email Project: Joomla! SubProject: All Severity: Low Versions: 2.5.0 and 1.7.0 - 1.7.4 Exploit type: Information Disclosure Reported Date: 2012-January-29 Fixed Date: 2012-February-02 Description Inadequate validation leads to information disclosure in administrator. Affected Installs Joomla! version 2.5.0, 1.7.4, and all earlier 1.7.x versions Solution Upgrade to version 1.7.5 or 2.5.1 or higher Reported by Jakub Galczyk Contact The JSST at the Joomla! Security Center. /////////////////////////////////////////// [20120202] - Core - Information Disclosure Posted: 01 Feb 2012 09:25 PM PST http://feedproxy.google.com/~r/JoomlaSecurityNews/~3/MFhhodAeXho/388-20120202-core-information-disclosure.html?utm_source=feedburner&utm_medium=email Project: Joomla! SubProject: All Severity: Moderate Versions: 1.7.4 and all earlier 1.7.x versions Exploit type: Information Disclosure Reported Date: 2012-January-06 Fixed Date: 2012-February-02 Description On some servers the error log could be read by unauthorised users. Affected Installs Joomla! version 1.7.4 and all earlier 1.7.x versions Solution Upgrade to version 2.5.1 or 1.7.5 or higher Reported by Alain Rivest Contact The JSST at the Joomla! Security Center. /////////////////////////////////////////// [20120203] - Core - Information Disclosure Posted: 01 Feb 2012 09:25 PM PST http://feedproxy.google.com/~r/JoomlaSecurityNews/~3/LY07jV4Rnvs/389-20120203-core-information-disclosure.html?utm_source=feedburner&utm_medium=email Project: Joomla! SubProject: All Severity: Low Versions: 2.5.0 and 1.7.0 - 1.7.4 Exploit type: Information Disclosure Reported Date: 2012-January-29 Fixed Date: 2012-February-02 Description Inadequate validation leads to path disclosure in administrator. Affected Installs Joomla! version 2.5.0, 1.7.4, and all earlier 1.7.x versions Solution Upgrade to version 2.5.1 or 1.7.5 or higher Reported by Jakub Galczyk Contact The JSST at the Joomla! Security Center. -- You are subscribed to email updates from "Joomla! Developer Network - Security News." To stop receiving these emails, you may unsubscribe now: http://feedburner.google.com/fb/a/mailunsubscribe?k=JWlBXz9w0F12fWtPu46jwc9_Jcc Email delivery powered by Google. Google Inc., 20 West Kinzie, Chicago IL USA 60610 ----- End forwarded message -----
Current thread:
- CVE-request: Joomla! Security News 2012-02-03 Henri Salo (Feb 03)
- Re: CVE-request: Joomla! Security News 2012-02-03 Kurt Seifried (Feb 03)