1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
Candidate: CVE-2009-3632
PublicDate: 2009-11-02
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3632
http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-016/
Description:
SQL injection vulnerability in the traditional frontend editing feature in
the Frontend Editing subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before
4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote
authenticated users to execute arbitrary SQL commands via unspecified
parameters.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
Patches_typo3-src:
upstream_typo3-src: needs-triage
dapper_typo3-src: ignored (reached end-of-life)
hardy_typo3-src: ignored (reached end-of-life)
intrepid_typo3-src: needs-triage (reached end-of-life)
jaunty_typo3-src: ignored (reached end-of-life)
karmic_typo3-src: ignored (reached end-of-life)
lucid_typo3-src: not-affected (4.3.0beta2-1)
maverick_typo3-src: not-affected (4.3.0beta2-1)
natty_typo3-src: not-affected (4.3.0beta2-1)
oneiric_typo3-src: not-affected (4.3.0beta2-1)
devel_typo3-src: not-affected (4.3.0beta2-1)
|