Test ID:	1.3.6.1.4.1.25623.1.0.804219
Category:	Web application abuses
Title:	TYPO3 Multiple Vulnerabilities (Oct 2010)
Summary:	TYPO3 is prone to multiple vulnerabilities.
Description:	Summary: TYPO3 is prone to multiple vulnerabilities. Vulnerability Insight: Multiple errors exist in the application: - An error exists in class.tslib_fe.php script, which does not properly compare certain hash values during access-control decisions. - An error exists backend and sys_action task, which fails to validate certain user provided input properly. - An error exists in Filtering API, which fails to handle large strings. Vulnerability Impact: Successful exploitation will allow remote attackers to get sensitive information or cause DoS condition. Affected Software/OS: TYPO3 version 4.2.14 and below, 4.3.6 and below, 4.4.3 and below Solution: Upgrade to TYPO3 version 4.2.15, 4.3.7, 4.4.4 or later. CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3714 BugTraq ID: 43786 http://www.securityfocus.com/bid/43786 Debian Security Information: DSA-2121 (Google Search) http://www.debian.org/security/2010/dsa-2121 http://www.exploit-db.com/exploits/15856 http://blog.nibblesec.org/2010/12/typo3-sa-2010-020-typo3-sa-2010-022.html Common Vulnerability Exposure (CVE) ID: CVE-2010-3715 Common Vulnerability Exposure (CVE) ID: CVE-2010-3716 Common Vulnerability Exposure (CVE) ID: CVE-2010-3717 Common Vulnerability Exposure (CVE) ID: CVE-2010-4068
Copyright	Copyright (C) 2014 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.