FKIE_CVE-2009-0815

Vulnerability from fkie_nvd - Published: 2009-03-05 02:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret (juHash) in an error message, which allows remote attackers to read arbitrary files by including the hash in a request.
References
cve@mitre.orghttp://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/Patch, Vendor Advisory
cve@mitre.orghttp://www.debian.org/security/2009/dsa-1720Patch
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2009/02/10/6
cve@mitre.orghttp://www.securitytracker.com/id?1021710
af854a3a-2127-422b-91ae-364da2661108http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1720Patch
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2009/02/10/6
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1021710
Impacted products
Vendor Product Version
typo3 typo3 3.3.x
typo3 typo3 3.5.x
typo3 typo3 3.6.x
typo3 typo3 3.7.x
typo3 typo3 3.8.x
typo3 typo3 4.0
typo3 typo3 4.1
typo3 typo3 4.1.0
typo3 typo3 4.1.2
typo3 typo3 4.1.3
typo3 typo3 4.1.4
typo3 typo3 4.1.5
typo3 typo3 4.1.6
typo3 typo3 4.1.7
typo3 typo3 4.1.8
typo3 typo3 4.1.9
typo3 typo3 4.2
typo3 typo3 4.2.0
typo3 typo3 4.2.1
typo3 typo3 4.2.2
typo3 typo3 4.2.3
typo3 typo3 4.2.4
typo3 typo3 4.2.5
typo3 typo3 4.3
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:typo3:typo3:3.3.x:*:*:*:*:*:*:*",
              "matchCriteriaId": "349BDDAD-35AE-44B6-9623-1ABAAFA16D57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:3.5.x:*:*:*:*:*:*:*",
              "matchCriteriaId": "33152254-3B0B-4413-90F3-72A8B1ADDBD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:3.6.x:*:*:*:*:*:*:*",
              "matchCriteriaId": "78413B61-AAB7-485D-BD24-C8A6D7631281",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:3.7.x:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD6EAF89-59F9-4D06-A7AE-175816BB7E17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:3.8.x:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF63F45-3E42-4DD6-ABD3-BA67D04C8A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "25EAE65C-1E17-48CD-B48C-E0BC09FB6596",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2F271C6-B5A7-4B06-A3DF-4C7F74090CC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC2F89D7-D34C-4ADD-8A9E-34C37122C3C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B33D32-4D59-4768-A2C6-9DC7CD30F5E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4679B5DF-25FA-40E9-A322-DF1FF1BC7E7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "96D69530-AE74-4012-B522-01D0B6B01662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5514D17F-95A5-48C5-9F91-554F8D3C3DF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E46E35EC-FF7B-4510-A5F2-FC230B7477B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A671ED2-91AA-4447-8996-A8A16FE753A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:4.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "4219A367-8431-4A72-AF73-ED2A853B14E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:4.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "74F10D45-FA29-4534-8789-201D194C46B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "884B4418-83A4-4BCB-8019-306285EB418E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D93919E9-B3E8-483E-A701-D87570127207",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B1326B-CB9E-4B40-85BD-05AF52E6A1D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDDEAF6A-8A99-4872-98CC-12BD54515B07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D8185B9-D244-43B3-9DF1-FF137A2108DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:4.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFAD319-DDFC-499F-86AB-141FBE435F6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:4.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E068CC16-6995-40C6-BA24-9CA334C4CABB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:4.3:alpha1:*:*:*:*:*:*",
              "matchCriteriaId": "231CD899-2DC5-42CD-A4F9-4D00C2C11159",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret (juHash) in an error message, which allows remote attackers to read arbitrary files by including the hash in a request."
    },
    {
      "lang": "es",
      "value": "El mecanismo jumpUrl en la biblioteca class.tslib_fe.php en TYPO3 versi\u00f3n 3.3.x hasta 3.8.x, versi\u00f3n 4.0 anterior a 4.0.12, versi\u00f3n 4.1 anterior a 4.1.10, versi\u00f3n 4.2 anterior a 4.2.6 y versi\u00f3n 4.3alpha1, filtra un hash secreto (juHash) en un mensaje de error, que permite a los atacantes remotos leer archivos arbitrarios mediante la inclusi\u00f3n del hash en una petici\u00f3n."
    }
  ],
  "id": "CVE-2009-0815",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-03-05T02:30:00.563",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1720"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2009/02/10/6"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1021710"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1720"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2009/02/10/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1021710"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.