Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-1843

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2013-1843
Last Modified 04 Jun 2013 11:42:38
Published 20 Mar 2013 11:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-1843

Summary

Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Vulnerable Systems

Application

  • Typo3 4.5

  • Typo3 4.5.0

  • Typo3 4.5.1

  • Typo3 4.5.10

  • Typo3 4.5.11

  • Typo3 4.5.12

  • Typo3 4.5.13

  • Typo3 4.5.14

  • Typo3 4.5.15

  • Typo3 4.5.16

  • Typo3 4.5.17

  • Typo3 4.5.18

  • Typo3 4.5.19

  • Typo3 4.5.2

  • Typo3 4.5.22

  • Typo3 4.5.23

  • Typo3 4.5.3

  • Typo3 4.5.4

  • Typo3 4.5.5

  • Typo3 4.5.6

  • Typo3 4.5.7

  • Typo3 4.5.8

  • Typo3 4.5.9

  • Typo3 4.6

  • Typo3 4.6.0

  • Typo3 4.6.1

  • Typo3 4.6.10

  • Typo3 4.6.11

  • Typo3 4.6.12

  • Typo3 4.6.13

  • Typo3 4.6.14

  • Typo3 4.6.15

  • Typo3 4.6.16

  • Typo3 4.6.2

  • Typo3 4.6.3

  • Typo3 4.6.4

  • Typo3 4.6.5

  • Typo3 4.6.6

  • Typo3 4.6.7

  • Typo3 4.6.8

  • Typo3 4.6.9

  • Typo3 4.7

  • Typo3 4.7.0

  • Typo3 4.7.1

  • Typo3 4.7.2

  • Typo3 4.7.3

  • Typo3 4.7.4

  • Typo3 4.7.5

  • Typo3 4.7.6

  • Typo3 4.7.7

  • Typo3 4.7.8

  • Typo3 6.0

  • Typo3 6.0.1

  • Typo3 6.0.2


References

BID - 58330

OSVDB - 90924

MLIST - [oss-security] 20130311 Re: CVE Request: typo3 sql injection and open redirection

DEBIAN - DSA-2646

CONFIRM - http://typo3.org/support/teamssecuritysecurity-bulletins/security-bulletins-single-view/article/sql-injection-and-open-redirection-in-typo3-core/

SECUNIA - 52638

SECUNIA - 52433

SUSE - openSUSE-SU-2013:0510


Last Updated: 27 May 2016 11:02:06