[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE request: joomla < 1.5.7
From:       "Steven M. Christey" <coley () linus ! mitre ! org>
Date:       2008-09-16 1:19:18
Message-ID: Pine.GSO.4.51.0809152115580.6953 () faron ! mitre ! org
[Download RAW message or body]


On Thu, 11 Sep 2008, Hanno [utf-8] Böck wrote:

> http://www.joomla.org/announcements/release-news/5212-joomla-157-security-release-now-available.html
>
> Security
>
>     * Several security issues were fixed in this release. There was 1
> critical, 1 major and 2 moderate security vulnerabilities fixed in 1.5.7. For
> more information, visit the Security Center.

more details were from http://developer.joomla.org/security.html


[20080902] - Core - Random Number Generation Flaw
http://developer.joomla.org/security/news/272-20080902-core-random-number-generation-flaw.html

Use CVE-2008-4102

------

[20080903] - Core - com_mailto Spam
http://developer.joomla.org/security/news/273-20080903-core-commailto-spam.html

Use CVE-2008-4103

------

[20080904] - Core - Redirect Spam
http://developer.joomla.org/security/news/274-20080904-core-redirect-spam.html

Use CVE-2008-4104

------

[20080901] - Core - JRequest Variable Injection
http://developer.joomla.org/security/news/271-20080901-core-jrequest-variable-injection.html

Use CVE-2008-4105


- Steve

[prev in list] [next in list] [prev in thread] [next in thread]