Lucene search

K

MitreCVELIST:CVE-2006-6690

HistoryDec 21, 2006 - 9:00 p.m.

CVE-2006-6690

2006-12-2121:00:00

mitre

www.cve.org

3

AI Score

7.3

Confidence

High

EPSS

0.034

Percentile

91.6%

rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 through 4.0.3, 3.7 and 3.8 with the rtehtmlarea extension, and 4.1 beta allows remote authenticated users to execute arbitrary commands via shell metacharacters in the userUid parameter to rtehtmlarea/htmlarea/plugins/SpellChecker/spell-check-logic.php, and possibly another vector.

References

lists.netfielders.de/pipermail/typo3-announce/2006/000045.html

lists.netfielders.de/pipermail/typo3-announce/2006/000046.html

secunia.com/advisories/23446

secunia.com/advisories/23466

securityreason.com/securityalert/2056

securitytracker.com/id?1017428

typo3.org/news-single-view/?tx_newsimporter_pi1%5BshowItem%5D=0&cHash=e4a40a11a9

www.sec-consult.com/272.html

www.securityfocus.com/archive/1/454944/100/0/threaded

www.securityfocus.com/bid/21680

www.vupen.com/english/advisories/2006/5094

AI Score

7.3

Confidence

High

EPSS

0.034

Percentile

91.6%

Related for CVELIST:CVE-2006-6690

nessus1 nvd1 openvas1 exploitdb1 cve1