CVE-2010-5099

{"id": "CVE-2010-5099", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-05-30T20:55:02.847", "references": [{"url": "http://blog.nibblesec.org/2010/12/typo3-sa-2010-020-typo3-sa-2010-022.html", "tags": ["Exploit"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/35770", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022/", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.exploit-db.com/exploits/15856", "tags": ["Exploit"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2011/01/13/2", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2012/05/10/7", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2012/05/11/3", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2012/05/12/5", "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64180", "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The fileDenyPattern functionality in the PHP file inclusion protection API in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 does not properly filter file types, which allows remote attackers to bypass intended access restrictions and access arbitrary PHP files, as demonstrated using path traversal sequences with %00 null bytes and CVE-2010-3714 to read the TYPO3 encryption key from localconf.php."}, {"lang": "es", "value": "La funcionalidad fileDenyPattern en la API de protecci\u00f3n de inclusi\u00f3n de archivos en TYPO3 v4.2.x antes de v4.2.16, v4.3.x antes de v4.3.9, y 4.4.x antes v4.4.5, no filtra correctamente los tipos de archivos, lo que permite a atacantes remotos evitar restricciones de acceso y acceder a archivos arbitrarios de PHP, como se ha demostrado utilizando secuencias de rutas transversales con bytes nulos 00% y CVE-2010-3714 para leer la clave de cifrado TYPO3 de localconf.php."}], "lastModified": "2017-08-29T01:29:13.237", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D93919E9-B3E8-483E-A701-D87570127207"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F6B1326B-CB9E-4B40-85BD-05AF52E6A1D2"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDDEAF6A-8A99-4872-98CC-12BD54515B07"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D8185B9-D244-43B3-9DF1-FF137A2108DD"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FFAD319-DDFC-499F-86AB-141FBE435F6E"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E068CC16-6995-40C6-BA24-9CA334C4CABB"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3B79B49-B4A1-472D-9F6E-BF9ADA3E2EC4"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26DF36E3-785F-4515-8999-BF48A255907F"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F143436A-848B-443F-95E2-B20BC2403CDC"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB5B21D3-7955-450F-8357-A37905B963B6"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CC67810-D2C5-4242-ACF2-CF7E9C56D7FE"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E485652B-FDE0-44C1-83F5-D22B16BEBB34"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3A987C0-51DF-464C-8F4D-03C9CAD256EB"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "718E405D-4127-4D0E-85BB-83800264AD61"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF72642B-8766-44A3-8CB0-D094929AAA6C"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF56D768-6D41-472D-AA42-0C209534AB30"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:typo3:typo3:4.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6066CFA2-202E-43A3-B1DF-36364ABD5A1A"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13C922A9-05A3-4D98-A568-F780CCA87E39"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44E9893A-2771-4C04-9F90-B10EE659088E"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31DA3600-C955-46B0-8BD9-C9B3FC0B81EC"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7ED0C04-33BA-4F9B-97B0-BB5D30C2A0D8"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E40CC0D-E7EF-4800-AC0B-5AF603B8BC6F"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.3.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16759F16-34C6-4C2C-BECB-12555EEEBDA3"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.3.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EBB331CC-3125-454E-BCBE-B85540B62110"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.3.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9B46AB0-D925-4E74-8D15-40EE3BC0B14A"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:typo3:typo3:4.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A60F86FA-B7D3-4BE5-82F2-05F2A5F5663D"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9319A96-D510-47DB-9DBC-C16C0947E4C9"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40E0FDF1-E63C-48C9-98E2-55E3FD891882"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6D22400-E6A1-4C3A-B16F-E14672B86D14"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DFA0996-4839-4FDB-9B9D-5F8424946F9A"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}