Vulnerabilities > CVE-2012-1079 - Remote Code Execution vulnerability in TYPO3 Webservices Extension

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

helmut-hummel

typo3

NVD

Published: 2012-02-14

Updated: 2017-08-29

Summary

Unspecified vulnerability in the Webservices for TYPO3 (typo3_webservice) extension before 0.3.8 for TYPO3 allows remote authenticated users to execute arbitrary code via unknown vectors.

Vulnerable Configurations

Part	Description	Count
Application	Helmut_Hummel Helmut Hummel Typo3 Webservice 0.3.3 Helmut Hummel Typo3 Webservice 0.3.4 Helmut Hummel Typo3 Webservice 0.3.5 Helmut Hummel Typo3 Webservice 0.3.6 Helmut Hummel Typo3 Webservice *	5
Application	Typo3 Typo3 Typo3 *	1

References

http://osvdb.org/78792
http://typo3.org/extensions/repository/view/typo3_webservice/0.3.8/
http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-001/
http://www.securityfocus.com/bid/51843
https://exchange.xforce.ibmcloud.com/vulnerabilities/72965