Welcome, Guest. Please login or register.

Author Topic: Joomla Security News [19 June 2012]  (Read 1072 times)

Offline surya

  • Administrator
  • Newbie
  • *****
  • Posts: 47
  • OS:
  • Windows XP Windows XP
  • Browser:
  • Firefox 3.6.13 Firefox 3.6.13
  • NIM: NONE
  • NIP: NONE
Joomla Security News [19 June 2012]
« on: June 22, 2012, 07:53:05 AM »
[20120601] - Core - Privilege Escalation

Posted: 19 Jun 2012 12:21 AM PDT

    * Project: Joomla!
    * SubProject: All
    * Severity: Medium High
    * Versions: 2.5.4 and all earlier 2.5.x versions
    * Exploit type: Privilege Escalation
    * Reported Date: 2012-April-29
    * Fixed Date: 2012-June-18

Description

Inadequate checking leads to possible user privilege escalation.
Affected Installs

Joomla! versions 2.5.4 and all earlier 2.5.x versions
Solution

Upgrade to version 2.5.5

Reported by Nils Rückmann
Contact

The JSST at the Joomla! Security Center.

==================================================================

[20120602] - Core - Information Disclosure

Posted: 19 Jun 2012 12:21 AM PDT

    * Project: Joomla!
    * SubProject: All
    * Severity: Low
    * Versions: 2.5.4 and all earlier 2.5.x versions
    * Exploit type: Information Disclosure
    * Reported Date: 2012-May-1
    * Fixed Date: 2012-June-18

Description

Inadequate filtering leads SQL error and information disclosure.
Affected Installs

Joomla! versions 2.5.4 and all earlier 2.5.x versions
Solution

Upgrade to version 2.5.5

Reported by Jakub Galczyk
Contact

The JSST at the Joomla! Security Center.