[prev in list] [next in list] [prev in thread] [next in thread]
List: nyphp-joomla
Subject: [joomla] Fwd: Joomla! Security News
From: Laura Gordon <rytech123 () gmail ! com>
Date: 2012-04-03 12:25:48
Message-ID: CABbkB_fyTE0TKRox8vVkWiW27QXbwEU97+XtCZypux13F010dA () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
fyi...
---------- Forwarded message ----------
From: Joomla! Developer Network - Security News <no_reply@joomla.org>
Date: Tue, Apr 3, 2012 at 8:22 AM
Subject: Joomla! Security News
To: rytech123@gmail.com
**
Joomla! Security News <http://developer.joomla.org/security/news.html>
<http://fusion.google.com/add?source=atgs&feedurl=http://feeds.feedburner.com/JoomlaSecurityNews>
------------------------------
[20120307] - Core - Information
Disclosure<http://feedproxy.google.com/%7Er/JoomlaSecurityNews/%7E3/qLQFOEsKrro/398-20120307-core-information-disclosure.html?utm_source=feedburner&utm_medium=email>
Posted: 03 Apr 2012 12:21 AM PDT
- *Project:* Joomla!
- *SubProject:* All
- * Severity:* Low
- *Versions:* 2.5.3 and all earlier 2.5.x versions
- *Exploit type:* Information Disclosure
- *Reported Date:* 2012-January-7
- *Fixed Date:* 2012-April-2
Description
Inadequate permission checking allows unauthorised viewing of some
administrative back end information.
Affected Installs
Joomla! versions 2.5.3 and all earlier 2.5.x versions
Solution
Upgrade to version 2.5.4
Reported by Cyrille Barthelemy
Contact
The JSST at the Joomla! Security Center.
<http://feeds.feedburner.com/%7Eff/JoomlaSecurityNews?a=qLQFOEsKrro:ExdixrJra5Q:yIl2AUoC8zA>
[20120308] - Core - XSS
Vulnerability<http://feedproxy.google.com/%7Er/JoomlaSecurityNews/%7E3/QmpconaVV9A/399-20120308-core-xss-vulnerability.html?utm_source=feedburner&utm_medium=email>
Posted: 03 Apr 2012 12:21 AM PDT
- *Project:* Joomla!
- *SubProject:* All
- * Severity:* Low
- *Versions:* 2.5.3 and all earlier 2.5.x versions
- *Exploit type:* XSS Vulnerability
- *Reported Date:* 2012-February-3
- *Fixed Date:* 2012-April-2
Description
Inadequate filtering in update manager leads to XSS vulnerability.
Affected Installs
Joomla! versions 2.5.3 and all earlier 2.5.x versions
Solution
Upgrade to version 2.5.4
Reported by Alex Andreae
Contact
The JSST at the Joomla! Security Center.
<http://feeds.feedburner.com/%7Eff/JoomlaSecurityNews?a=QmpconaVV9A:_ThWyuguTUs:yIl2AUoC8zA>
You are subscribed to email updates from Joomla! Developer Network -
Security News <http://developer.joomla.org/security/news.html>
To stop receiving these emails, you may unsubscribe
now<http://feedburner.google.com/fb/a/mailunsubscribe?k=VOn2LflPmMepisLclOaCvkcQLcA>
. Email delivery powered by Google Google Inc., 20 West Kinzie, Chicago IL
USA 60610
--
I have a new email address: rytech123@gmail.com
Trainer with www.Video2Brain.com
Board Member of www.JoomlaNYC.org
Trainer for www.JoomlaTraining.com
Sponsor & Coordinator for www.JoomlaDayNYC.com
www.RytechSites.com
Dynamic Websites for your company!
[Attachment #5 (text/html)]
fyi...<br><br><div class="gmail_quote">---------- Forwarded message \
----------<br>From: <b class="gmail_sendername">Joomla! Developer Network - Security \
News</b> <span dir="ltr"><<a \
href="mailto:no_reply@joomla.org">no_reply@joomla.org</a>></span><br>
Date: Tue, Apr 3, 2012 at 8:22 AM<br>Subject: Joomla! Security News<br>To: <a \
href="mailto:rytech123@gmail.com">rytech123@gmail.com</a><br><br><br><u></u>
<div>
<div style="line-height:140%;font-size:9px;font-family:Arial,Helvetica,sans-serif;margin:0 \
2em"> <table style="border:0;padding:0;margin:0;width:100%">
<tbody><tr>
<td style="vertical-align:top" width="99%">
<h1 style="margin:0;padding-bottom:6px">
<a style="color:#888;font-size:22px;font-family:Arial,Helvetica,sans-serif;font-weight:normal;text-decoration:none" \
href="http://developer.joomla.org/security/news.html" \
title="(http://developer.joomla.org/security/news.html)" target="_blank">Joomla! \
Security News</a> <br>
<a href="http://fusion.google.com/add?source=atgs&feedurl=http://feeds.feedburner.com/JoomlaSecurityNews" \
target="_blank"> <img style="padding-top:6px" alt="" \
src="http://gmodules.com/ig/images/plus_google.gif" border="0"> </a>
</h1>
</td>
<td width="1%"></td>
</tr>
</tbody></table>
<hr style="border:1px solid #ccc;padding:0;margin:0">
<table>
<tbody><tr>
<td style="margin-bottom:0;line-height:1.4em">
<p style="margin:1em 0 3px 0">
<a name="13678282e602db47_1" \
style="font-family:Arial,Helvetica,sans-serif;font-size:9px" \
href="http://feedproxy.google.com/%7Er/JoomlaSecurityNews/%7E3/qLQFOEsKrro/398-20120307-core-information-disclosure.html?utm_source=feedburner&utm_medium=email" \
target="_blank">[20120307] - Core - Information Disclosure</a> </p>
<p style="font-size:9px;color:#555;margin:9px 0 3px \
0;font-family:Arial,Helvetica,sans-serif;line-height:140%;font-size:9px"> \
<span>Posted:</span> 03 Apr 2012 12:21 AM PDT</p> <div \
style="line-height:140%;font-size:9px;font-family:Arial,Helvetica,sans-serif;margin:0"><ul>
<li><b>Project:</b> Joomla!</li>
<li><b>SubProject:</b> All</li>
<li><b> Severity:</b> Low</li>
<li><b>Versions:</b> 2.5.3 and all earlier 2.5.x versions</li>
<li><b>Exploit type:</b> Information Disclosure</li>
<li><b>Reported Date:</b> 2012-January-7</li>
<li><b>Fixed Date:</b> 2012-April-2</li>
</ul>
<h2>Description</h2>
<p>Inadequate permission checking allows unauthorised viewing of some administrative \
back end information.</p> <h2>Affected Installs</h2>
<p>Joomla! versions 2.5.3 and all earlier 2.5.x versions</p>
<h2>Solution</h2>
<p>Upgrade to version 2.5.4</p>
<p>Reported by <span dir="ltr">Cyrille Barthelemy<br></span></p>
<h2>Contact</h2>
<p>The JSST at the Joomla! Security Center.</p><div>
<a href="http://feeds.feedburner.com/%7Eff/JoomlaSecurityNews?a=qLQFOEsKrro:ExdixrJra5Q:yIl2AUoC8zA" \
target="_blank"><img \
src="http://feeds.feedburner.com/%7Eff/JoomlaSecurityNews?d=yIl2AUoC8zA" \
border="0"></a> </div><img \
src="http://feeds.feedburner.com/%7Er/JoomlaSecurityNews/%7E4/qLQFOEsKrro?utm_source=feedburner&utm_medium=email" \
width="1" height="1"></div> </td>
</tr>
<tr>
<td style="margin-bottom:0;line-height:1.4em">
<p style="margin:1em 0 3px 0">
<a name="13678282e602db47_2" \
style="font-family:Arial,Helvetica,sans-serif;font-size:9px" \
href="http://feedproxy.google.com/%7Er/JoomlaSecurityNews/%7E3/QmpconaVV9A/399-20120308-core-xss-vulnerability.html?utm_source=feedburner&utm_medium=email" \
target="_blank">[20120308] - Core - XSS Vulnerability</a> </p>
<p style="font-size:9px;color:#555;margin:9px 0 3px \
0;font-family:Arial,Helvetica,sans-serif;line-height:140%;font-size:9px"> \
<span>Posted:</span> 03 Apr 2012 12:21 AM PDT</p> <div \
style="line-height:140%;font-size:9px;font-family:Arial,Helvetica,sans-serif;margin:0"><ul>
<li><b>Project:</b> Joomla!</li>
<li><b>SubProject:</b> All</li>
<li><b> Severity:</b> Low</li>
<li><b>Versions:</b> 2.5.3 and all earlier 2.5.x versions</li>
<li><b>Exploit type:</b> XSS Vulnerability</li>
<li><b>Reported Date:</b> 2012-February-3</li>
<li><b>Fixed Date:</b> 2012-April-2</li>
</ul>
<h2>Description</h2>
<p>Inadequate filtering in update manager leads to XSS vulnerability.</p>
<h2>Affected Installs</h2>
<p>Joomla! versions 2.5.3 and all earlier 2.5.x versions</p>
<h2>Solution</h2>
<p>Upgrade to version 2.5.4</p>
<p>Reported by <span dir="ltr">Alex Andreae</span></p>
<h2>Contact</h2>
<p>The JSST at the Joomla! Security Center.</p><div>
<a href="http://feeds.feedburner.com/%7Eff/JoomlaSecurityNews?a=QmpconaVV9A:_ThWyuguTUs:yIl2AUoC8zA" \
target="_blank"><img \
src="http://feeds.feedburner.com/%7Eff/JoomlaSecurityNews?d=yIl2AUoC8zA" \
border="0"></a> </div><img \
src="http://feeds.feedburner.com/%7Er/JoomlaSecurityNews/%7E4/QmpconaVV9A?utm_source=feedburner&utm_medium=email" \
width="1" height="1"></div> </td>
</tr>
</tbody></table>
<table style="border-top:1px solid #999;padding-top:4px;margin-top:1.5em;width:100%">
<tbody><tr>
<td style="text-align:left;font-family:Helvetica,Arial,Sans-Serif;font-size:11px;margin:0 \
6px 1.2em 0;color:#333">You are subscribed to email updates from <a \
href="http://developer.joomla.org/security/news.html" target="_blank">Joomla! \
Developer Network - Security News</a> <br>To stop receiving these emails, you may <a \
href="http://feedburner.google.com/fb/a/mailunsubscribe?k=VOn2LflPmMepisLclOaCvkcQLcA" \
target="_blank">unsubscribe now</a>.</td> <td \
style="font-family:Helvetica,Arial,Sans-Serif;font-size:11px;margin:0 6px 1.2em \
0;color:#333;text-align:right;vertical-align:top">Email delivery powered by \
Google</td> </tr>
<tr>
<td colspan="2" style="text-align:left;font-family:Helvetica,Arial,Sans-Serif;font-size:11px;margin:0 \
6px 1.2em 0;color:#333">Google Inc., 20 West Kinzie, Chicago IL USA 60610</td> </tr>
</tbody></table>
</div>
</div>
</div><br><br clear="all"><br>-- <br>I have a new email address: <a \
href="mailto:rytech123@gmail.com" \
target="_blank">rytech123@gmail.com</a><br><br>Trainer with <a \
href="http://www.Video2Brain.com" target="_blank">www.Video2Brain.com</a><br> Board \
Member of <a href="http://www.JoomlaNYC.org" \
target="_blank">www.JoomlaNYC.org</a><br>Trainer for <a \
href="http://www.JoomlaTraining.com" \
target="_blank">www.JoomlaTraining.com</a><br>Sponsor & Coordinator for <a \
href="http://www.JoomlaDayNYC.com" target="_blank">www.JoomlaDayNYC.com</a><br> \
<br><a href="http://www.RytechSites.com" \
target="_blank">www.RytechSites.com</a><br>Dynamic Websites for your \
company!<br><br><br><br>
_______________________________________________
New York PHP SIG: Joomla! Mailing List
http://lists.nyphp.org/mailman/listinfo/joomla
NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com
Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic