Lucene search

RedhatCVE-2010-5102

HistoryMay 21, 2012 - 8:55 p.m.

CVE-2010-5102

2012-05-2120:55:17

CWE-22

redhat

web.nvd.nist.gov

cve-2010-5102

directory traversal

mod tools

class em unzip.php

typo3

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.9

Confidence

Low

EPSS

0.008

Percentile

82.2%

JSON

Directory traversal vulnerability in mod/tools/em/class.em_unzip.php in the unzip library in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote attackers to write arbitrary files via unspecified vectors.

Affected configurations

Nvd

Node

typo3typo3Match4.2.0

typo3typo3Match4.2.1

typo3typo3Match4.2.2

typo3typo3Match4.2.3

typo3typo3Match4.2.4

typo3typo3Match4.2.5

typo3typo3Match4.2.6

typo3typo3Match4.2.7

typo3typo3Match4.2.8

typo3typo3Match4.2.9

typo3typo3Match4.2.10

typo3typo3Match4.2.11

typo3typo3Match4.2.12

typo3typo3Match4.2.13

typo3typo3Match4.2.14

typo3typo3Match4.2.15

typo3typo3Match4.3.0

typo3typo3Match4.3.1

typo3typo3Match4.3.2

typo3typo3Match4.3.3

typo3typo3Match4.3.4

typo3typo3Match4.3.5

typo3typo3Match4.3.6

typo3typo3Match4.3.7

typo3typo3Match4.3.8

typo3typo3Match4.4.1

typo3typo3Match4.4.2

typo3typo3Match4.4.3

typo3typo3Match4.4.4

VendorProductVersionCPE
typo3typo34.2.0cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*
typo3typo34.2.1cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
typo3typo34.2.2cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
typo3typo34.2.3cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
typo3typo34.2.4cpe:2.3:a:typo3:typo3:4.2.4:*:*:*:*:*:*:*
typo3typo34.2.5cpe:2.3:a:typo3:typo3:4.2.5:*:*:*:*:*:*:*
typo3typo34.2.6cpe:2.3:a:typo3:typo3:4.2.6:*:*:*:*:*:*:*
typo3typo34.2.7cpe:2.3:a:typo3:typo3:4.2.7:*:*:*:*:*:*:*
typo3typo34.2.8cpe:2.3:a:typo3:typo3:4.2.8:*:*:*:*:*:*:*
typo3typo34.2.9cpe:2.3:a:typo3:typo3:4.2.9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
typo3	typo3	4.2.0	cpe:2.3:a:typo3:typo3:4.2.0:::::::*
typo3	typo3	4.2.1	cpe:2.3:a:typo3:typo3:4.2.1:::::::*
typo3	typo3	4.2.2	cpe:2.3:a:typo3:typo3:4.2.2:::::::*
typo3	typo3	4.2.3	cpe:2.3:a:typo3:typo3:4.2.3:::::::*
typo3	typo3	4.2.4	cpe:2.3:a:typo3:typo3:4.2.4:::::::*
typo3	typo3	4.2.5	cpe:2.3:a:typo3:typo3:4.2.5:::::::*
typo3	typo3	4.2.6	cpe:2.3:a:typo3:typo3:4.2.6:::::::*
typo3	typo3	4.2.7	cpe:2.3:a:typo3:typo3:4.2.7:::::::*
typo3	typo3	4.2.8	cpe:2.3:a:typo3:typo3:4.2.8:::::::*
typo3	typo3	4.2.9	cpe:2.3:a:typo3:typo3:4.2.9:::::::*

Rows per page:

1-10 of 291

References

bugs.typo3.org/view.php?id=16362

secunia.com/advisories/35770

securesystems.ca/advisory.php?id=2010-001

typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022/

www.openwall.com/lists/oss-security/2011/01/13/2

www.openwall.com/lists/oss-security/2012/05/10/7

www.openwall.com/lists/oss-security/2012/05/11/3

www.openwall.com/lists/oss-security/2012/05/12/5

www.osvdb.org/70119

www.securityfocus.com/bid/45470

exchange.xforce.ibmcloud.com/vulnerabilities/64180

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.9

Confidence

Low

EPSS

0.008

Percentile

82.2%

JSON

Related for CVE-2010-5102