Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 29 Mar 2012 22:44:32 +0200
From: Florian Weimer <>
Subject: CVE request: TYPO3-CORE-SA-2012-001

I may have missed a previous request.  If I can count properly, there
are four different issues:

| Vulnerable subcomponent: Extbase Framework
| Affected Versions:
|   Versions 4.4.x and 4.5.x are not affected by this vulnerabilty.
| Vulnerability Type: Insecure Unserialize
| Problem Description: Due to a missing signature (HMAC) for a request
| argument, an attacker could unserialize arbitrary objects within
| TYPO3.
| To our knowledge it is neither possible to inject code through this
| vulnerability, nor are there exploitable objects within the TYPO3
| Core. However, there might be exploitable objects within third party
| extensions.

| Vulnerable subcomponent: TYPO3 Backend
| Vulnerability Type: Cross-Site Scripting
| Problem Description: Failing to properly HTML-encode user input in
| several places, the TYPO3 backend is susceptible to Cross-Site
| Scripting. A valid backend user is required to exploit these
| vulnerabilities.

| Vulnerable subcomponent: TYPO3 Command Line Interface
| Vulnerability Type: Information Disclosure
| Problem Description: Accessing a CLI Script directly with a browser
| may disclose the database name used for the TYPO3 installation.

| Vulnerable subcomponent: TYPO3 HTML Sanitizing API
| Vulnerability Type: Cross-Site Scripting
| Problem Description: By not removing non printable characters, the API
| method t3lib_div::RemoveXSS() fails to filter specially crafted HTML
| injections, thus is susceptible to Cross-Site Scripting.


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ