[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97559

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2010-5102

Date: (C)2012-05-21   (M)2017-08-29
 
CVSS Score: 5.0Access Vector: NETWORK
Exploitability Subscore: 10.0Access Complexity: LOW
Impact Subscore: 2.9Authentication: NONE
 Confidentiality: NONE
 Integrity: PARTIAL
 Availability: NONE











Directory traversal vulnerability in mod/tools/em/class.em_unzip.php in the unzip library in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote attackers to write arbitrary files via unspecified vectors.

Reference:
SECUNIA-35770
BID-45470
OSVDB-70119
http://www.openwall.com/lists/oss-security/2011/01/13/2
http://www.openwall.com/lists/oss-security/2012/05/11/3
http://www.openwall.com/lists/oss-security/2012/05/10/7
http://www.openwall.com/lists/oss-security/2012/05/12/5
http://bugs.typo3.org/view.php?id=16362
http://securesystems.ca/advisory.php?id=2010-001
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022/
typo3-unspecified-file-include(64180)

CPE    29
cpe:/a:typo3:typo3:4.2.13
cpe:/a:typo3:typo3:4.2.14
cpe:/a:typo3:typo3:4.2.15
cpe:/a:typo3:typo3:4.3.4
...
CWE    1
CWE-22

© 2013 SecPod Technologies