oss-sec mailing list archives
Re: CVE-request: TYPO3 TYPO3-SA-2010-022 still without CVE
From: Kurt Seifried <kseifried () redhat com>
Date: Thu, 10 May 2012 20:28:25 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 05/10/2012 03:43 PM, Henri Salo wrote:
Hello, Issues in TYPO3-SA-2010-022 are still without CVE-identifiers if I am correct. http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022/
OSVDB: 70116,70117,70118,70119,70120,70121,70122,70123
http://secunia.com/advisories/35770/ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607286 Originally requested in here http://seclists.org/oss-sec/2011/q1/76 - Henri Salo
CVE-2012-2342 TYPO3-SA-2010-022 #1 frontend click enlarge XSS CVE-2012-2343 TYPO3-SA-2010-022 #1 frontend form content object XSS CVE-2012-2344 TYPO3-SA-2010-022 #2 PHP file inclusion protection API CVE-2012-2345 TYPO3-SA-2010-022 #3 Install Tool XSS CVE-2012-2346 TYPO3-SA-2010-022 #4 Backend Remote File Disclosure CVE-2012-2347 TYPO3-SA-2010-022 #4 Backend Path Traversal CVE-2012-2348 TYPO3-SA-2010-022 #4 Backend SQL Injection CVE-2012-2349 TYPO3-SA-2010-022 #5 Database API info disclosure split #1 because it affects different versions, split #4 because it's 3 separate issues, same as the vendor did. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJPrHlJAAoJEBYNRVNeJnmT/P0P+gJYKh0SguAkp8cMnZpoMt8v gy57tZtKme5puOg8wW+XOFMfWMrApVz7oEF/dehJ+Uf0X/cjuS5vu5gTlQ9Y2efj HrYNHcPC7aJSp5dxZ2hVYvio/CoyBvoJNRmms7guGQgZsx9YZRMTARlg89J3+D8e Q2vtdMruoAoq79VHSRu/zuijA4s1QGSTufcA6ZVJp1mTYE6m60EozQYxWc6IZfch dzR26OqMF1AruD387JlK4u+P6PXPp6MH9ExaCIZybVgEzdh1RSBo8+7HaHLbqeUr B6hD2/GXVVXZYHed8+S+B5Zshr9YAN8awGkmPleXCed+6ZCCkbuHOHyRkzE9BNHR tvxcBO86gAf2QOSS4CrBCWirrYOgMM/IKLTzxFyL8I1t+PvI/Abh45nW6+LGtya/ 6J9/NrdiZRccmRkR8aVq05UNeLFdHJyXAQPmbnZ2y/wGwZkkVDDjnu1ddtb5fGe2 q4qxnXgmiH1UW7TcLvD90ZZ0rHbUfqF0SzmWXu/IEArGLfmn+ziDFEjpLcOxTrCG S5MaRc9mGuC4WCB5GuLXpoWL7+Db/cdZ6bAITE3/rIHJMoyhUxahXBa85pUYlf7m z+yTJOv+8TmtzXDzENKSIStHbR68wmjp+GyyMb0F9czunqFq74WnsSqf5cWza121 Qz4Pu+K3dRJrsUsV0cpl =So9V -----END PGP SIGNATURE-----
Current thread:
- CVE-request: TYPO3 TYPO3-SA-2010-022 still without CVE Henri Salo (May 10)
- Re: CVE-request: TYPO3 TYPO3-SA-2010-022 still without CVE Kurt Seifried (May 10)
- Re: CVE-request: TYPO3 TYPO3-SA-2010-022 still without CVE Moritz Muehlenhoff (May 11)
- Re: CVE-request: TYPO3 TYPO3-SA-2010-022 still without CVE Kurt Seifried (May 11)
- Re: CVE-request: TYPO3 TYPO3-SA-2010-022 still without CVE Moritz Muehlenhoff (May 11)
- Re: CVE-request: TYPO3 TYPO3-SA-2010-022 still without CVE Kurt Seifried (May 10)