CVE-2012-3527
CVE-2012-3527
view_help.php in the backend help system in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to unserialize arbitrary objects and possibly execute arbitrary PHP code via an unspecified parameter, related to a "missing signature (HMAC)."
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://osvdb.org/84773http://secunia.com/advisories/50287https://exchange.xforce.ibmcloud.com/vulnerabilities/77791http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004/http://www.debian.org/security/2012/dsa-2537http://www.openwall.com/lists/oss-security/2012/08/22/8