Vulnerabilities > CVE-2014-6235 - Remote Code Execution vulnerability in Kennziffer KE Dompdf 0.0.3

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
kennziffer
exploit available
NVD
Published: 2014-09-11
Updated: 2017-09-08

Summary

Unspecified vulnerability in the ke DomPDF extension before 0.0.5 for TYPO3 allows remote attackers to execute arbitrary code via unknown vectors.

Vulnerable Configurations

Part Description Count
Application
Kennziffer
1

Exploit-Db

descriptionTYPO3 ke DomPDF Extension - Remote Code Execution. CVE-2014-6235. Webapps exploit for php platform
idEDB-ID:35443
last seen2016-02-04
modified2014-12-02
published2014-12-02
reporterRedTeam Pentesting
sourcehttps://www.exploit-db.com/download/35443/
titleTYPO3 ke DomPDF Extension - Remote Code Execution

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/129338/rt-sa-2014-007.txt
idPACKETSTORM:129338
last seen2016-12-05
published2014-12-01
reporterredteam-pentesting.de
sourcehttps://packetstormsecurity.com/files/129338/TYPO3-Extension-ke_dompdf-0.0.3-Remote-Code-Execution.html
titleTYPO3 Extension ke_dompdf 0.0.3 Remote Code Execution

References