Ubuntu.comUB:CVE-2014-3941

HistoryJun 03, 2014 - 12:00 a.m.

CVE-2014-3941

2014-06-0300:00:00

ubuntu.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

78.2%

JSON

TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0
before 6.1.9, and 6.2.0 before 6.2.3 allows remote attackers to have
unspecified impact via a crafted HTTP Host header, related to “Host
Spoofing.”

Bugs

<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=749215>

References

typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/

www.debian.org/security/2014/dsa-2942

www.openwall.com/lists/oss-security/2014/06/03/2

launchpad.net/bugs/cve/CVE-2014-3941

nvd.nist.gov/vuln/detail/CVE-2014-3941

security-tracker.debian.org/tracker/CVE-2014-3941

www.cve.org/CVERecord?id=CVE-2014-3941

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

78.2%

JSON

Related for UB:CVE-2014-3941