Novell Home

CVE-2009-2395

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2009-2395 at MITRE

Description

SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php.

NVD CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Novell/SUSE information

No Novell Bugzilla entries cross referenced.

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 11 GA
  • flash-player >= 10.0.32.18-0.1.1
sled11.x86-64
sled11.x86
SAT Patch Nr: 1149
Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
  • flash-player >= 9.0.246.0-0.1
sles9-nld.x86-64
sles9-nld.x86
YOU Patch Nr: 12464
openSUSE 11.0
  • flash-player >= 9.0.246.0-0.1
openSUSE 11.1
  • flash-player >= 10.0.32.18-0.1.1

© 2014 Novell