Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5890

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-5890
Last Modified 31 Jan 2013 11:53:12
Published 17 Nov 2012 04:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-5890

Summary

The Front End User Registration (sr_feuser_register) extension before 2.6.2 for TYPO3 allows remote attackers to obtain user names and passwords via the (1) edit perspective or (2) autologin feature.

Vulnerable Systems

Application

  • Stanislas Rolland Sr Feuser Register 1.4.7

  • Stanislas Rolland Sr Feuser Register 1.6.5

  • Stanislas Rolland Sr Feuser Register 1.6.6

  • Stanislas Rolland Sr Feuser Register 1.6.7

  • Stanislas Rolland Sr Feuser Register 1.6.8

  • Stanislas Rolland Sr Feuser Register 2.0.0

  • Stanislas Rolland Sr Feuser Register 2.1.0

  • Stanislas Rolland Sr Feuser Register 2.2.0

  • Stanislas Rolland Sr Feuser Register 2.2.1

  • Stanislas Rolland Sr Feuser Register 2.2.3

  • Stanislas Rolland Sr Feuser Register 2.2.4

  • Stanislas Rolland Sr Feuser Register 2.2.5

  • Stanislas Rolland Sr Feuser Register 2.3.0

  • Stanislas Rolland Sr Feuser Register 2.3.3

  • Stanislas Rolland Sr Feuser Register 2.3.4

  • Stanislas Rolland Sr Feuser Register 2.3.5

  • Stanislas Rolland Sr Feuser Register 2.3.6

  • Stanislas Rolland Sr Feuser Register 2.4

  • Stanislas Rolland Sr Feuser Register 2.5

  • Stanislas Rolland Sr Feuser Register 2.5.1

  • Stanislas Rolland Sr Feuser Register 2.5.11

  • Stanislas Rolland Sr Feuser Register 2.5.12

  • Stanislas Rolland Sr Feuser Register 2.5.13

  • Stanislas Rolland Sr Feuser Register 2.5.14

  • Stanislas Rolland Sr Feuser Register 2.5.15

  • Stanislas Rolland Sr Feuser Register 2.5.16

  • Stanislas Rolland Sr Feuser Register 2.5.17

  • Stanislas Rolland Sr Feuser Register 2.5.19

  • Stanislas Rolland Sr Feuser Register 2.5.2

  • Stanislas Rolland Sr Feuser Register 2.5.3

  • Stanislas Rolland Sr Feuser Register 2.5.4

  • Stanislas Rolland Sr Feuser Register 2.5.5

  • Stanislas Rolland Sr Feuser Register 2.5.6

  • Stanislas Rolland Sr Feuser Register 2.6.1


References

MISC - http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-002/

CONFIRM - http://forge.typo3.org/projects/extension-sr_feuser_register/repository/revisions/58720

CONFIRM - http://forge.typo3.org/projects/extension-sr_feuser_register/repository/entry/trunk/ChangeLog

XF - typo3-frontenduser-multiple-info-disclosure(80145)


Last Updated: 27 May 2016 10:55:05