CVE-2009-3628

The Backend subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote authenticated users to determine an encryption key via crafted input to a tt_content form element.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:0.1.2:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:1.0.14:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:1.1:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:1.1.09:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:1.1.10:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:3.0:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:3.3.x:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:3.5:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:3.5.x:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:3.6.x:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:3.7.0:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:3.7.1:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:3.7.x:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:3.8:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:3.8.x:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0.9:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0.10:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0.11:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.0:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.0:beta1:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.8:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.9:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.10:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.11:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.12:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.2.4:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.2.5:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.2.6:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.2.7:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.2.8:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.2.9:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.3:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.3:alpha1:*:*:*:*:*:*

History

21 Nov 2024, 01:07

Type Values Removed Values Added
References () http://marc.info/?l=oss-security&m=125632856206736&w=2 - () http://marc.info/?l=oss-security&m=125632856206736&w=2 -
References () http://secunia.com/advisories/37122 - Vendor Advisory () http://secunia.com/advisories/37122 - Vendor Advisory
References () http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-016 - Vendor Advisory () http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-016 - Vendor Advisory
References () http://www.securityfocus.com/bid/36801 - Patch () http://www.securityfocus.com/bid/36801 - Patch
References () http://www.vupen.com/english/advisories/2009/3009 - Vendor Advisory () http://www.vupen.com/english/advisories/2009/3009 - Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/53917 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/53917 -

Information

Published : 2009-11-02 15:30

Updated : 2024-11-21 01:07


NVD link : CVE-2009-3628

Mitre link : CVE-2009-3628

CVE.ORG link : CVE-2009-3628


JSON object : View

Products Affected

typo3

  • typo3
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor