[TYPO3-UG Dutch] TYPO3 Security Bulletin TYPO3-20070608-1: SQL injection in macina_banners / ric_rotation]
Ric van Westhreenen|alterNET Internet BV
ric at alternet.nl
Mon Jun 11 14:53:04 CEST 2007
Ter info
==========
Dear users of TYPO3,
Several SQL Injections has been discovered in the extensions
macina_banners and its descendant ric_rotation.
==== Affected Versions ====
Affected is macina_banners (version 1.4.0 and below)
and its descendant ric_rotation (version 1.9.9 and below).
For clarification: ww_macinabanners is not affected.
==== Severity ====
HIGH (exploitations have been reported, so it is supposed to be "in
the wild")
You can view the entire bulletin page here at the below address:
http://typo3.org/teams/security/security-bulletins/typo3-20070608-1/
Regards,
Lars Houmark
TYPO3 Security Team
lars at typo3.org
--
Met vriendelijke groeten, kind regards,
drs Ric van Westhreenen
alterNET Internet BV
TYPO3 | Online Marketing | Domeinstrategie
Archimedesstraat 2
3316 AB Dordrecht
T. 078 635 1200
Skype: roodlicht <callto://roodlicht/>
F. 084 834 9697
M. 064 808 6196
W. www.alternet.nl <http://www.alternet.nl/>
KvK nr.: 23092865
----------------------------------------
Vacatures!
TYPO3 scripter / ontwikkelaar (locatie Hilversum)
http://www.alternet.nl/EM_VAC122006.401.0.html
*Disclaimer: *
This message (including any of its attachments) may contain confidential
and/or privileged information. If you are not the intended recipient,
please notify the sender immediately by e-mail or telephone +31 (0)78
6351200 and delete this message from your system. Any disclosure,
distribution, copying or printing of this message is strictly prohibited
unless otherwise stated. You are advised to carry out a virus scan
before opening any attachments as we do not accept any liability
whatsoever for any damage sustained as a result of any software viruses.
More information about the TYPO3-UG-dutch
mailing list