Joomla Vulnerability -- New version available (July 31, 2009)

Started by Jason, July 31, 2009, 05:59:10 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Jason

July 31, 2009, 05:59:10 PM
Yes, it's been a week so here's a new vulnerability   ::)

Please update your Joomla installation to avoid compromise/exploitation.

http://developer.joomla.org/security/news/303-20090723-core-com-mailto-timeout-issue.html

Quote
[20090723] - Core - com_mailto Timeout Issue

Posted: 22 Jul 2009 04:36 PM PDT

Project: Joomla!
SubProject: com_mailto
Severity: Low
Versions: 1.5.13 and all previous 1.5 releases
Exploit type: Email
Reported Date: 2009-July-28
Fixed Date: 2009-July-30
Description
In com_mailto, it was possible to bypass timeout protection against sending automated emails.

Affected Installs
All 1.5.x installs prior to and including 1.5.13 are affected.

Solution
Upgrade to latest Joomla! version (1.5.14 or newer).

Reported by WHK and Gergő Erdősi

Contact
The JSST at the Joomla! Security Center.

Mark

#1
August 04, 2009, 11:22:39 PM
At least they are small patches.
Print
Go Up Pages1
User actions