← Voltar para CVEs
CVE-2012-3527
N/ADescricao
view_help.php in the backend help system in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to unserialize arbitrary objects and possibly execute arbitrary PHP code via an unspecified parameter, related to a "missing signature (HMAC)."
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado9/5/2012
Ultima modificacao4/11/2025
Fontenvd
Avistamentos honeypot0
Produtos afetados
debian:debian_linuxtypo3:typo3
Fraquezas (CWE)
CWE-502
Referencias
http://osvdb.org/84773(secalert@redhat.com)
http://secunia.com/advisories/50287(secalert@redhat.com)
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004/(secalert@redhat.com)
http://www.debian.org/security/2012/dsa-2537(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2012/08/22/8(secalert@redhat.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/77791(secalert@redhat.com)
http://osvdb.org/84773(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/50287(af854a3a-2127-422b-91ae-364da2661108)
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004/(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2012/dsa-2537(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2012/08/22/8(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/77791(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.