oss-sec mailing list archives
Re: Fwd Joomla! Security News 2012-01
From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 25 Jan 2012 17:07:27 -0700
On 01/25/2012 07:17 AM, Henri Salo wrote:
Does someone know if these already have CVE-identifiers? Joomla just released this advisory. - Henri Salo ----- Forwarded message from Joomla! Developer Network - Security News <no_reply () joomla org> ----- Date: Wed, 25 Jan 2012 13:21:21 +0000 From: Joomla! Developer Network - Security News <no_reply () joomla org> To: henri () nerv fi Subject: Joomla! Security News Joomla! Developer Network - Security News
Are these the correct URL's/descriptions (see below)?
/////////////////////////////////////////// [20120101] - Core - Information Disclosure Posted: 23 Jan 2012 01:45 AM PST http://feedproxy.google.com/~r/JoomlaSecurityNews/~3/MYKnZ2QJKYE/382-20120101-core-information-disclosure.html?utm_source=feedburner&utm_medium=email
http://developer.joomla.org/security/news/382-20120101-core-information-disclosure.html Project: Joomla! SubProject: All Severity: Low Versions: 1.7.3 and all earlier 1.7 and 1.6 versions Exploit type: Information Disclosure Reported Date: 2012-January-07 Fixed Date: 2012-January-24 Description Inadequate filtering leads to information disclosure. Affected Installs Joomla! version 1.7.3 and all earlier versions Solution Upgrade to version 1.7.4 or 2.5.0 or higher Reported by Cyrille Barthelemy Contact The JSST at the Joomla! Security Center.
Project: Joomla! SubProject: All Severity: Low Versions: 1.7.3 and all earlier 1.7 and 1.6 versions Exploit type: Information Disclosure Reported Date: 2012-January-07 Fixed Date: 2012-January-24 Description Inadequate filtering leads to information disclosure. Affected Installs Joomla! version 1.7.3 and all earlier versions Solution Upgrade to version 1.7.4 or 2.5.0 or higher Reported by Cyrille Barthelemy Contact The JSST at the Joomla! Security Center. /////////////////////////////////////////// [20120102] - Core - XSS Vulnerability Posted: 23 Jan 2012 01:45 AM PST http://feedproxy.google.com/~r/JoomlaSecurityNews/~3/XAEsWEG3dgU/383-20120102-core-xss-vulnerability.html?utm_source=feedburner&utm_medium=email
developer.joomla.org/security/news/383-20120102-core-xss-vulnerability.html Project: Joomla! SubProject: All Severity: Moderate Versions: 1.7.3 and all earlier 1.7 and 1.6 versions Exploit type: XSS Vulnerability Reported Date: 2011-November-16 Fixed Date: 2012-January-24 Description Inadequate filtering leads to XSS vulnerability. Affected Installs Joomla! version 1.7.3 and all earlier versions Solution Upgrade to version 1.7.4 or 2.5.0 or higher Reported by Ankita Kapadia Contact The JSST at the Joomla! Security Center.
Project: Joomla! SubProject: All Severity: Moderate Versions: 1.7.3 and all earlier 1.7 and 1.6 versions Exploit type: XSS Vulnerability Reported Date: 2011-November-16 Fixed Date: 2012-January-24 Description Inadequate filtering leads to XSS vulnerability. Affected Installs Joomla! version 1.7.3 and all earlier versions Solution Upgrade to version 1.7.4 or 2.5.0 or higher Reported by Ankita Kapadia Contact The JSST at the Joomla! Security Center. /////////////////////////////////////////// [20120103] - Core - Information Disclosure Posted: 23 Jan 2012 01:45 AM PST http://feedproxy.google.com/~r/JoomlaSecurityNews/~3/Ed0TMAvyQ4g/384-20120103-core-information-disclosure.html?utm_source=feedburner&utm_medium=email
http://developer.joomla.org/security/news/384-20120103-core-information-disclosure.html Project: Joomla! SubProject: All Severity: Low Versions: 1.7.3 and all earlier 1.7 and 1.6 versions Exploit type: Information Disclosure Reported Date: 2011-December-19 Fixed Date: 2012-January-24 Description Inadequate filtering leads to information disclosure. Affected Installs Joomla! version 1.7.3 and all earlier versions Solution Upgrade to version 1.7.4 or 2.5.0 or higher Reported by Jean-Marie Simonet Contact The JSST at the Joomla! Security Center.
Project: Joomla! SubProject: All Severity: Low Versions: 1.7.3 and all earlier 1.7 and 1.6 versions Exploit type: Information Disclosure Reported Date: 2011-December-19 Fixed Date: 2012-January-24 Description Inadequate filtering leads to information disclosure. Affected Installs Joomla! version 1.7.3 and all earlier versions Solution Upgrade to version 1.7.4 or 2.5.0 or higher Reported by Jean-Marie Simonet Contact The JSST at the Joomla! Security Center. /////////////////////////////////////////// [20120104] - Core - XSS Vulnerability Posted: 23 Jan 2012 01:45 AM PST c
http://developer.joomla.org/security/news/385-20120104-core-xss-vulnerability.html Project: Joomla! SubProject: All Severity: Moderate Versions: 1.7.3 and all earlier versions Exploit type: XSS Vulnerability Reported Date: 2012-January-22 Fixed Date: 2012-January-24 Description Inadequate filtering leads to XSS vulnerability. Affected Installs Joomla! version 1.7.3 and all earlier 1.7 and 1.6 versions Solution Upgrade to version 1.7.4 or 2.5.0 or higher Reported by David Jardin Contact The JSST at the Joomla! Security Center.
Project: Joomla! SubProject: All Severity: Moderate Versions: 1.7.3 and all earlier versions Exploit type: XSS Vulnerability Reported Date: 2012-January-22 Fixed Date: 2012-January-24 Description Inadequate filtering leads to XSS vulnerability. Affected Installs Joomla! version 1.7.3 and all earlier 1.7 and 1.6 versions Solution Upgrade to version 1.7.4 or 2.5.0 or higher Reported by David Jardin Contact The JSST at the Joomla! Security Center.
-- -- Kurt Seifried / Red Hat Security Response Team kseifried () redhat com
Current thread:
- Fwd Joomla! Security News 2012-01 Henri Salo (Jan 25)
- Re: Fwd Joomla! Security News 2012-01 Henri Salo (Jan 25)
- Re: Fwd Joomla! Security News 2012-01 Kurt Seifried (Jan 25)
- Re: Fwd Joomla! Security News 2012-01 Henri Salo (Jan 25)
- Re: Fwd Joomla! Security News 2012-01 Kurt Seifried (Jan 26)
- Re: Fwd Joomla! Security News 2012-01 Kurt Seifried (Jan 29)