Vulnerabilities > CVE-2009-4160 - Information Disclosure vulnerability in TYPO3 Simple download-system (kk_downloader)

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

kurt-kunig

typo3

NVD

Published: 2009-12-02

Updated: 2009-12-03

Summary

Unspecified vulnerability in the Simple download-system with counter and categories (kk_downloader) extension 1.2.1 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors.

Vulnerable Configurations

Part	Description	Count
Application	Kurt_Kunig Kurt Kunig KK Downloader 1.1.0 Kurt Kunig KK Downloader 1.1.1 Kurt Kunig KK Downloader 1.1.2 Kurt Kunig KK Downloader 1.2.0 Kurt Kunig KK Downloader *	5
Application	Typo3 Typo3 Typo3 *	1

References

http://secunia.com/advisories/37550
http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-017/
http://www.securityfocus.com/bid/37168