FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

typo3 -- multiple vulnerabilities in TYPO3 Core

Affected packages
typo3 < 4.2.10

Details

VuXML ID 6693bad2-ca50-11de-8ee8-00215c6a37bb
Discovery 2009-10-22
Entry 2009-11-05

TYPO3 develop team reports:

Affected versions: TYPO3 versions 4.0.13 and below, 4.1.12 and below, 4.2.9 and below, 4.3.0beta1 and below.

SQL injection, Cross-site scripting (XSS), Information disclosure, Frame hijacking, Remote shell command execution and Insecure Install Tool authentication/session handling.

[source]

References

Bugtraq ID 36801
CVE Name CVE-2009-3628
CVE Name CVE-2009-3629
CVE Name CVE-2009-3630
CVE Name CVE-2009-3631
CVE Name CVE-2009-3632
CVE Name CVE-2009-3633
CVE Name CVE-2009-3634
CVE Name CVE-2009-3635
CVE Name CVE-2009-3636
URL http://secunia.com/advisories/37122/
URL http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-016/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.