Lucene search
HistoryJun 03, 2014 - 2:55 p.m.
CVE-2014-3942
typo3
color picker wizard
cve-2014-3942
remote code execution
nvd
security vulnerability
7 High
AI Score
Confidence
Low
6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
68.9%
The Color Picker Wizard component in TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, and 6.1.0 before 6.1.9 allows remote authenticated editors to execute arbitrary PHP code via a serialized PHP object.
Related
prion
prion
Code injection
2014-06-03 14:55:00
cvelist
cvelist
CVE-2014-3942
2014-06-03 14:00:00
ubuntucve
ubuntucve
CVE-2014-3942
2014-06-03 00:00:00
openvas
openvas
TYPO3 Color Picker Wizard Remote PHP Code Execution Vulnerability
2014-07-03 00:00:00
Debian: Security Advisory (DSA-2942-1)
2014-05-31 00:00:00
Debian Security Advisory DSA 2942-1 (typo3-src - security update)
2014-06-01 00:00:00
nessus
nessus
openSUSE Security Update : typo3-cms-4_5 (openSUSE-SU-2014:0813-1)
2014-06-19 00:00:00
osv
osv
typo3-src - security update
2014-06-01 00:00:00
typo3
typo3
Multiple Vulnerabilities in TYPO3 CMS
2014-05-22 00:00:00
securityvulns
securityvulns
7 High
AI Score
Confidence
Low
6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
68.9%
Related for CVE-2014-3942