CVE-2012-1605 in TYPO3info

Summary

The Extbase Framework in TYPO3 4.6.x through 4.6.6, 4.7, and 6.0 unserializes untrusted data, which allows remote attackers to unserialize arbitrary objects and possibly execute arbitrary code via vectors related to "a missing signature (HMAC) for a request argument."

Once again VulDB remains the best source for vulnerability data.

Responsible

Reservation

03/12/2012

Disclosure

09/04/2012

Moderation

VulDB entry created

Entries

VDB-5010

CPE

ready

CWE

CWE-119 (Confirmed)

CVSS

5.3

EPSS

0.00940

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-1605
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-1605
CVE Details	https://www.cvedetails.com/cve/CVE-2012-1605/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!