2011-03-09

Joomla!

ソフト名:Joomla! 1.6.1未満
回避策:アップデートにて対応
脆弱性:セキュリティ制限の回避, XSS, データ操作, 機密情報の奪取, DoS攻撃, CSRF, 不正HTMLの実行, スクリプトコード実行, リダイレクト脆弱性, 不正HTTPのリクエスト, 不正アクションの実行, ディスクリソースの浪費
ソース:
http://www.joomla.org/
http://www.joomla.org/announcements/release-news/5350-joomla-161-released.html
http://developer.joomla.org/security/news/328-20110201-core-sql-injection-path-disclosure
http://developer.joomla.org/security/news/329-20110202-core-path-disclosure
http://developer.joomla.org/security/news/330-20110203-core-xss-vulnerabilities
http://developer.joomla.org/security/news/331-20110204-core-xss-vulnerabilities
http://developer.joomla.org/security/news/332-20110301-core-information-disclosure
http://developer.joomla.org/security/news/333-20110302-core-redirect-vulnerabilities
http://developer.joomla.org/security/news/334-20110303-core-information-disclosure
http://developer.joomla.org/security/news/335-20110304-core-unauthorised-access
http://developer.joomla.org/security/news/336-20110305-core-csrf-vulnerability
http://developer.joomla.org/security/news/337-20110306-core-dos-vulnerabilities
http://developer.joomla.org/security/news/338-20110307-core-xss-vulnerabilities
http://developer.joomla.org/security/news/339-20110308-core-csrf-vulnerability
http://secunia.com/advisories/43658/
危険性:Medium Risk

0 件のコメント:

コメントを投稿