Lucene search
HistorySep 04, 2012 - 8:55 p.m.
CVE-2012-1605
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
7.6 High
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
79.5%
The Extbase Framework in TYPO3 4.6.x through 4.6.6, 4.7, and 6.0 unserializes untrusted data, which allows remote attackers to unserialize arbitrary objects and possibly execute arbitrary code via vectors related to “a missing signature (HMAC) for a request argument.”
Affected configurations
Node
typo3typo3Match4.6
ORtypo3typo3Match4.6.0
ORtypo3typo3Match4.6.1
ORtypo3typo3Match4.6.2
ORtypo3typo3Match4.6.3
ORtypo3typo3Match4.6.4
ORtypo3typo3Match4.6.5
ORtypo3typo3Match4.6.6
ORtypo3typo3Match4.7
ORtypo3typo3Match6.0
Related
openvas
openvas
TYPO3 Extbase HMAC Unserialization Weakness
2014-01-02 00:00:00
ubuntucve
ubuntucve
CVE-2012-1605
2012-09-04 00:00:00
github
github
Typo3 Extbase Framework Unsafe Deserialization
2022-05-17 05:23:50
cve
cve
CVE-2012-1605
2022-10-03 16:15:26
osv
osv
Typo3 Extbase Framework Unsafe Deserialization
2022-05-17 05:23:50
prion
prion
Design/Logic Flaw
2012-09-04 20:55:00
cvelist
cvelist
CVE-2012-1605
2022-10-03 16:15:26
typo3
typo3
Several Vulnerabilities in TYPO3 Core
2012-03-28 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
7.6 High
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
79.5%
Related for NVD:CVE-2012-1605