oss-sec mailing list archives
CVE request: TYPO3-EXT-SA-2014-002
From: Henri Salo <henri () nerv fi>
Date: Fri, 5 Sep 2014 11:59:39 +0300
Can I get six 2014 CVEs for the following vulnerabilities listed in TYPO3-EXT-SA-2014-002, thanks. Note that the PHPIDS issue in this advisory already has a CVE.

http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-002/
http://osvdb.org/103323
http://osvdb.org/103324
http://osvdb.org/103325
http://osvdb.org/103326
http://osvdb.org/103327
http://osvdb.org/103328
http://osvdb.org/103329

Extension: Alphabetic Sitemap (alpha_sitemap)
Affected Versions: 0.0.3 and all versions below
Vulnerability Type: Cross-Site Scripting
Severity: Medium
Suggested CVSS v2.0: AV:N/AC:L/Au:N/C:P/I:P/A:N/E:P/RL:U/RC:C
Solution: Versions of this extension that are known to be vulnerable will no longer be available for download from the TYPO3 Extension Repository. The extension author failed to provide a security fix for the reported vulnerability in a decent amount of time. Please uninstall and delete the extension folder from your installation.
Credits: Credits go to Wouter Wolters who discovered and reported the issue.

---

Extension: femanager (femanager)
Affected Versions: 1.0.8 and all versions below
Vulnerability Type: Privilege Escalation
Severity: High
Suggested CVSS v2.0: AV:N/AC:L/Au:S/C:P/I:C/A:N/E:F/RL:O/RC:C
Problem Description: Failing to properly check access rights, the extension is susceptible to privilege escalation, making it possible for a logged-in frontend user to modify or delete other frontend user records.
Solution: An updated version 1.0.9 is available from the TYPO3 extension manager and at http://typo3.org/extensions/repository/download/femanager/1.0.9/t3x/. Users of the extension are advised to update the extension as soon as possible.

---

Extension: Statistics (ke_stats)
Affected Versions: 1.1.1 and all versions below
Vulnerability Type: SQL Injection
Severity: Critical
Suggested CVSS v2.0: AV:N/AC:L/Au:N/C:C/I:P/A:N/E:F/RL:O/RC:C
Solution: An updated version 1.1.2 is available from the TYPO3 extension manager and at http://typo3.org/extensions/repository/download/ke_stats/1.1.2/t3x/. Users of the extension are advised to update the extension as soon as possible.
Note: This vulnerability is known to be exploited in the wild.
Credits: Credits go to Extension Author Christian Bülter who discovered and reported the issue.

---

Extension: External links click statistics (outstats)
Affected Versions: 0.0.3 and all versions below
Vulnerability Type: Cross-Site Scripting
Severity: Medium
Suggested CVSS v2.0: AV:N/AC:L/Au:N/C:P/I:P/A:N/E:P/RL:U/RC:C
Solution: Versions of this extension that are known to be vulnerable will no longer be available for download from the TYPO3 Extension Repository. The extension author failed to provide a security fix for the reported vulnerability in a decent amount of time. Please uninstall and delete the extension folder from your installation.
Credits: Credits go to TYPO3 Security Team Member Franz G. Jahn who discovered and reported the issue.

---

Extension: smarty (smarty)
Affected Versions: 1.13.3 and all versions below
Vulnerability Type: Arbitrary PHP include via template source file
Severity: Medium
Suggested CVSS v2.0: AV:N/AC:H/Au:S/C:C/I:C/A:P/E:P/RL:O/RC:C
Problem Description: The extension smarty bundles the template engine Smarty. Old versions of this library are known to be vulnerable to arbitrary PHP file include via template source file.
Solution: An updated version 1.13.4 is available from the TYPO3 extension manager and at http://typo3.org/extensions/repository/download/smarty/1.13.4/t3x/. Users of the extension are advised to update the extension as soon as possible.
Credits: Credits go to Extension Author Simon Tuck who discovered and reported the issue.

---

Extension: WEC Map (wec_map)
Affected Versions: 3.0.2 and all versions below
Vulnerability Type: SQL Injection and Cross-Site Scripting
Severity: Medium
Suggested CVSS v2.0: AV:N/AC:M/Au:N/C:C/I:P/A:N/E:P/RL:O/RC:C
Solution: An updated version 3.0.3 is available from the TYPO3 extension manager and at http://typo3.org/extensions/repository/download/wec_map/3.0.3/t3x/. Users of the extension are advised to update the extension as soon as possible.
Credits: Credits go to Extension Author Jan Bartels who discovered and reported the issue.

---

Henri Salo