|
oss-sec
mailing list archives
CVE request: TYPO3-CORE-SA-2012-001
From: Florian Weimer <fw () deneb enyo de>
Date: Thu, 29 Mar 2012 22:44:32 +0200
I may have missed a previous request. If I can count properly, there
are four different issues:
| Vulnerable subcomponent: Extbase Framework
| Affected Versions:
| Versions 4.4.x and 4.5.x are not affected by this vulnerabilty.
| Vulnerability Type: Insecure Unserialize
|
| Problem Description: Due to a missing signature (HMAC) for a request
| argument, an attacker could unserialize arbitrary objects within
| TYPO3.
|
| To our knowledge it is neither possible to inject code through this
| vulnerability, nor are there exploitable objects within the TYPO3
| Core. However, there might be exploitable objects within third party
| extensions.
| Vulnerable subcomponent: TYPO3 Backend
| Vulnerability Type: Cross-Site Scripting
|
| Problem Description: Failing to properly HTML-encode user input in
| several places, the TYPO3 backend is susceptible to Cross-Site
| Scripting. A valid backend user is required to exploit these
| vulnerabilities.
| Vulnerable subcomponent: TYPO3 Command Line Interface
| Vulnerability Type: Information Disclosure
|
| Problem Description: Accessing a CLI Script directly with a browser
| may disclose the database name used for the TYPO3 installation.
| Vulnerable subcomponent: TYPO3 HTML Sanitizing API
| Vulnerability Type: Cross-Site Scripting
|
| Problem Description: By not removing non printable characters, the API
| method t3lib_div::RemoveXSS() fails to filter specially crafted HTML
| injections, thus is susceptible to Cross-Site Scripting.
<http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/>
 By Date 
By Thread
Current thread:
- CVE request: TYPO3-CORE-SA-2012-001 Florian Weimer (Mar 29)
|
