VUPEN - TYPO3 Multiple Code Injection and Information Disclosure Vulnerabilities / Exploit (Security Advisories

	About Us \| Contact Us

VUPEN Free Resources

VUPEN Security Advisories

VUPEN Security Blog & News

Zero-day Attacks Monitor

Daily Security Mailinglist

Explanation of Terms

Advanced Search Engine

TYPO3 Multiple Code Injection and Information Disclosure Vulnerabilities

VUPEN ID	VUPEN/ADV-2009-3009
CVE ID	CVE-2009-3628 - CVE-2009-3629 - CVE-2009-3630 - CVE-2009-3631 - CVE-2009-3632 - CVE-2009-3633 - CVE-2009-3634 - CVE-2009-3635 - CVE-2009-3636
CWE ID	Available in VUPEN VNS Customer Area
CVSS V2	Available in VUPEN VNS Customer Area
Rated as	High Risk
Impact	Available in VUPEN VNS Customer Area
Authentication Level	Available in VUPEN VNS Customer Area
Access Vector	Available in VUPEN VNS Customer Area
Release Date	2009-10-23
Share

Technical Description

Multiple vulnerabilities have been identified in TYPO3, which could be exploited by attackers to bypass security restrictions, gain knowledge of sensitive information or compromise a vulnerable system. These issues are caused by input validation and design errors in the Backend, Frontend Editing, Frontend Login Box (felogin) and Install Tool components, and within the API function "t3lib_div::quoteJSvalue" when processing user-supplied URL parameters or data, which could allow cross site scripting and SQL injection attacks, information disclosure, frame and session hijacking, and shell command injection.

Affected Products

TYPO3 version 4.0.13 and prior
TYPO3 version 4.1.12 and prior
TYPO3 version 4.2.9 and prior
TYPO3 version 4.3.0beta1 and prior

Solution

Upgrade to TYPO3 version 4.1.13, 4.2.10 or 4.3beta2 :
http://typo3.org/download/

References

http://www.vupen.com/english/advisories/2009/3009
http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-016/

Credits

Vulnerabilities reported by Stefan Schuler, Stefan Esser, Marcus Krause, Jelmer de Hen, Christian Welzel, Christian Weiske, Andreas Schnapp, Sebastian Spooren, Chirs John Riley, Stefan Lang, Bernhard Kraft and Susanne Moog.

Changelog

2009-10-23 : Initial release

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.

Monthly Statistics

VUPEN Security Advisories By Criticality: Aug 2010
Critical Risk	: 0%
High Risk	: 0%
Moderate Risk	: 0%
Low Risk	: 100%

Get a real-time view of the vulnerabilities affecting your systems using the VUPEN VNS reporting capabilities.

Try VUPEN VNS