Lucene search
HistoryNov 02, 2009 - 3:30 p.m.
CVE-2009-3630
5.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
6.1 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
51.5%
The Backend subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote authenticated users to place arbitrary web sites in TYPO3 backend framesets via crafted parameters, related to a “frame hijacking” issue.
Affected configurations
Node
typo3typo3Range≤4.0.12
ORtypo3typo3Match0.1.2
ORtypo3typo3Match1.0.14
ORtypo3typo3Match1.1
ORtypo3typo3Match1.1.1
ORtypo3typo3Match1.1.09
ORtypo3typo3Match1.1.10
ORtypo3typo3Match1.2.0
ORtypo3typo3Match1.3.0
ORtypo3typo3Match1.3.2
ORtypo3typo3Match3.0
ORtypo3typo3Match3.3.x
ORtypo3typo3Match3.5
ORtypo3typo3Match3.5.x
ORtypo3typo3Match3.6.x
ORtypo3typo3Match3.7.0
ORtypo3typo3Match3.7.1
ORtypo3typo3Match3.7.x
ORtypo3typo3Match3.8
ORtypo3typo3Match3.8.x
ORtypo3typo3Match4.0
ORtypo3typo3Match4.0.1
ORtypo3typo3Match4.0.2
ORtypo3typo3Match4.0.3
ORtypo3typo3Match4.0.4
ORtypo3typo3Match4.0.5
ORtypo3typo3Match4.0.6
ORtypo3typo3Match4.0.7
ORtypo3typo3Match4.0.8
ORtypo3typo3Match4.0.9
ORtypo3typo3Match4.0.10
ORtypo3typo3Match4.0.11
ORtypo3typo3Match4.1.0
ORtypo3typo3Match4.1.0beta1
ORtypo3typo3Match4.1.0rc1
ORtypo3typo3Match4.1.1
ORtypo3typo3Match4.1.2
ORtypo3typo3Match4.1.3
ORtypo3typo3Match4.1.4
ORtypo3typo3Match4.1.5
ORtypo3typo3Match4.1.6
ORtypo3typo3Match4.1.7
ORtypo3typo3Match4.1.8
ORtypo3typo3Match4.1.9
ORtypo3typo3Match4.1.10
ORtypo3typo3Match4.1.11
ORtypo3typo3Match4.1.12
ORtypo3typo3Match4.2.0
ORtypo3typo3Match4.2.1
ORtypo3typo3Match4.2.2
ORtypo3typo3Match4.2.3
ORtypo3typo3Match4.2.4
ORtypo3typo3Match4.2.5
ORtypo3typo3Match4.2.6
ORtypo3typo3Match4.2.7
ORtypo3typo3Match4.2.8
ORtypo3typo3Match4.2.9
ORtypo3typo3Match4.3
ORtypo3typo3Match4.3alpha1
Related
ubuntucve
ubuntucve
CVE-2009-3630
2009-11-02 00:00:00
cve
cve
CVE-2009-3630
2009-11-02 15:30:00
cvelist
cvelist
CVE-2009-3630
2009-11-02 15:00:00
prion
prion
Design/Logic Flaw
2009-11-02 15:30:00
osv
osv
TYPO3 Backend vulnerable to Frame Hijacking
2022-05-02 03:46:56
typo3-src - several vulnerabilities
2009-11-04 00:00:00
github
github
TYPO3 Backend vulnerable to Frame Hijacking
2022-05-02 03:46:56
openvas
openvas
TYPO3 Multiple Vulnerabilities (Oct 2009)
2013-12-27 00:00:00
FreeBSD Ports: typo3
2009-11-11 00:00:00
Debian Security Advisory DSA 1926-1 (typo3-src)
2009-11-11 00:00:00
nessus
nessus
Debian DSA-1926-1 : typo3-src - several vulnerabilities
2010-02-24 00:00:00
freebsd
freebsd
typo3 -- multiple vulnerabilities in TYPO3 Core
2009-10-22 00:00:00
debian
debian
[SECURITY] [DSA 1926-1] New TYPO3 packages fix several vulnerabilities
2009-11-04 19:33:20
securityvulns
securityvulns
5.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
6.1 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
51.5%
Related for NVD:CVE-2009-3630