Lucene search

[email protected]NVD:CVE-2009-1264

HistoryApr 07, 2009 - 11:30 p.m.

CVE-2009-1264

2009-04-0723:30:00

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

5.9

Confidence

Low

EPSS

0.002

Percentile

56.7%

JSON

Frontend User Registration (sr_feuser_register) extension 2.5.20 and earlier for TYPO3 does not properly verify access rights, which allows remote authenticated users to obtain sensitive information such as passwords via unknown attack vectors.

Affected configurations

Nvd

Node

typo3typo3

AND

stanislas_rollandsr_feuser_registerRange≤2.5.20

stanislas_rollandsr_feuser_registerMatch1.4

stanislas_rollandsr_feuser_registerMatch1.6

stanislas_rollandsr_feuser_registerMatch2.2.1

stanislas_rollandsr_feuser_registerMatch2.2.7

stanislas_rollandsr_feuser_registerMatch2.2.8

stanislas_rollandsr_feuser_registerMatch2.3

stanislas_rollandsr_feuser_registerMatch2.3.6

stanislas_rollandsr_feuser_registerMatch2.4

stanislas_rollandsr_feuser_registerMatch2.5

stanislas_rollandsr_feuser_registerMatch2.5.10

VendorProductVersionCPE
typo3typo3*cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*
stanislas_rollandsr_feuser_register*cpe:2.3:a:stanislas_rolland:sr_feuser_register:*:*:*:*:*:*:*:*
stanislas_rollandsr_feuser_register1.4cpe:2.3:a:stanislas_rolland:sr_feuser_register:1.4:*:*:*:*:*:*:*
stanislas_rollandsr_feuser_register1.6cpe:2.3:a:stanislas_rolland:sr_feuser_register:1.6:*:*:*:*:*:*:*
stanislas_rollandsr_feuser_register2.2.1cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.2.1:*:*:*:*:*:*:*
stanislas_rollandsr_feuser_register2.2.7cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.2.7:*:*:*:*:*:*:*
stanislas_rollandsr_feuser_register2.2.8cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.2.8:*:*:*:*:*:*:*
stanislas_rollandsr_feuser_register2.3cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.3:*:*:*:*:*:*:*
stanislas_rollandsr_feuser_register2.3.6cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.3.6:*:*:*:*:*:*:*
stanislas_rollandsr_feuser_register2.4cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
typo3	typo3	*	cpe:2.3:a:typo3:typo3::::::::
stanislas_rolland	sr_feuser_register	*	cpe:2.3:a:stanislas_rolland:sr_feuser_register::::::::
stanislas_rolland	sr_feuser_register	1.4	cpe:2.3:a:stanislas_rolland:sr_feuser_register:1.4:::::::*
stanislas_rolland	sr_feuser_register	1.6	cpe:2.3:a:stanislas_rolland:sr_feuser_register:1.6:::::::*
stanislas_rolland	sr_feuser_register	2.2.1	cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.2.1:::::::*
stanislas_rolland	sr_feuser_register	2.2.7	cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.2.7:::::::*
stanislas_rolland	sr_feuser_register	2.2.8	cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.2.8:::::::*
stanislas_rolland	sr_feuser_register	2.3	cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.3:::::::*
stanislas_rolland	sr_feuser_register	2.3.6	cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.3.6:::::::*
stanislas_rolland	sr_feuser_register	2.4	cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.4:::::::*

Rows per page:

1-10 of 121

References

osvdb.org/53278

secunia.com/advisories/34586

typo3.org/extensions/repository/view/sr_feuser_register/2.5.21/

typo3.org/teams/security/security-bulletins/typo3-sa-2009-004/

www.securityfocus.com/bid/34374

www.vupen.com/english/advisories/2009/0938

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

5.9

Confidence

Low

EPSS

0.002

Percentile

56.7%

JSON

Related for NVD:CVE-2009-1264

prion1 cvelist1 cve1