Home page logo
/

oss-sec logo oss-sec mailing list archives

CVE request: TYPO3-CORE-SA-2012-001
From: Florian Weimer <fw () deneb enyo de>
Date: Thu, 29 Mar 2012 22:44:32 +0200

I may have missed a previous request.  If I can count properly, there
are four different issues:

| Vulnerable subcomponent: Extbase Framework
| Affected Versions:
|   Versions 4.4.x and 4.5.x are not affected by this vulnerabilty.
| Vulnerability Type: Insecure Unserialize
| 
| Problem Description: Due to a missing signature (HMAC) for a request
| argument, an attacker could unserialize arbitrary objects within
| TYPO3.
| 
| To our knowledge it is neither possible to inject code through this
| vulnerability, nor are there exploitable objects within the TYPO3
| Core. However, there might be exploitable objects within third party
| extensions.

| Vulnerable subcomponent: TYPO3 Backend
| Vulnerability Type: Cross-Site Scripting
| 
| Problem Description: Failing to properly HTML-encode user input in
| several places, the TYPO3 backend is susceptible to Cross-Site
| Scripting. A valid backend user is required to exploit these
| vulnerabilities.

| Vulnerable subcomponent: TYPO3 Command Line Interface
| Vulnerability Type: Information Disclosure
|
| Problem Description: Accessing a CLI Script directly with a browser
| may disclose the database name used for the TYPO3 installation.

| Vulnerable subcomponent: TYPO3 HTML Sanitizing API
| Vulnerability Type: Cross-Site Scripting
|
| Problem Description: By not removing non printable characters, the API
| method t3lib_div::RemoveXSS() fails to filter specially crafted HTML
| injections, thus is susceptible to Cross-Site Scripting.

<http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/>


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]