Read here why it is not, and why you should migrate to Joomla 2.5 as soon as possible:

http://www.itoctopus.com/is-joomla-1-5-26-still-secure

An interesting read about the "rules of engagement" (or rather, lack thereof) when dealing with Joomla websites:

http://www.itoctopus.com/10-reasons-why-your-joomla-website-got-hacked