CVE-2009-0815 - Vulnerability Details - OpenCVE

The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret (juHash) in an error message, which allows remote attackers to read arbitrary files by including the hash in a request.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Typo3	Typo3

Configuration 1 [-]

OR	cpe:2.3:a:typo3:typo3:3.3.x:::::::*
	cpe:2.3:a:typo3:typo3:3.5.x:::::::*
	cpe:2.3:a:typo3:typo3:3.6.x:::::::*
	cpe:2.3:a:typo3:typo3:3.7.x:::::::*
	cpe:2.3:a:typo3:typo3:3.8.x:::::::*
	cpe:2.3:a:typo3:typo3:4.0:::::::*
	cpe:2.3:a:typo3:typo3:4.1:::::::*
	cpe:2.3:a:typo3:typo3:4.1.0:::::::*
	cpe:2.3:a:typo3:typo3:4.1.2:::::::*
	cpe:2.3:a:typo3:typo3:4.1.3:::::::*
	cpe:2.3:a:typo3:typo3:4.1.4:::::::*
	cpe:2.3:a:typo3:typo3:4.1.5:::::::*
	cpe:2.3:a:typo3:typo3:4.1.6:::::::*
	cpe:2.3:a:typo3:typo3:4.1.7:::::::*
	cpe:2.3:a:typo3:typo3:4.1.8:::::::*
	cpe:2.3:a:typo3:typo3:4.1.9:::::::*
	cpe:2.3:a:typo3:typo3:4.2:::::::*
	cpe:2.3:a:typo3:typo3:4.2.0:::::::*
	cpe:2.3:a:typo3:typo3:4.2.1:::::::*
	cpe:2.3:a:typo3:typo3:4.2.2:::::::*
	cpe:2.3:a:typo3:typo3:4.2.3:::::::*
	cpe:2.3:a:typo3:typo3:4.2.4:::::::*
	cpe:2.3:a:typo3:typo3:4.2.5:::::::*
	cpe:2.3:a:typo3:typo3:4.3:alpha1::::::

No data.

References

Link	Providers
http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/
http://www.debian.org/security/2009/dsa-1720
http://www.openwall.com/lists/oss-security/2009/02/10/6
http://www.securitytracker.com/id?1021710

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-03-05T02:00:00

Updated: 2024-08-07T04:48:52.184Z

Reserved: 2009-03-04T00:00:00

Link: CVE-2009-0815

Vulnrichment

No data.

NVD

Status : Modified

Published: 2009-03-05T02:30:00.563

Modified: 2024-11-21T01:00:58.503

Link: CVE-2009-0815

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-02-10T00:00:00", "descriptions": [{"lang": "en", "value": "The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret (juHash) in an error message, which allows remote attackers to read arbitrary files by including the hash in a request."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2010-04-27T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[oss-security] 20090210 CVE request: typo3 xss (typo3-sa-2009-002)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2009/02/10/6"}, {"name": "DSA-1720", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2009/dsa-1720"}, {"name": "1021710", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1021710"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-0815", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret (juHash) in an error message, which allows remote attackers to read arbitrary files by including the hash in a request."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20090210 CVE request: typo3 xss (typo3-sa-2009-002)", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2009/02/10/6"}, {"name": "DSA-1720", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2009/dsa-1720"}, {"name": "1021710", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1021710"}, {"name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/", "refsource": "CONFIRM", "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T04:48:52.184Z"}, "title": "CVE Program Container", "references": [{"name": "[oss-security] 20090210 CVE request: typo3 xss (typo3-sa-2009-002)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2009/02/10/6"}, {"name": "DSA-1720", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2009/dsa-1720"}, {"name": "1021710", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1021710"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-0815", "datePublished": "2009-03-05T02:00:00", "dateReserved": "2009-03-04T00:00:00", "dateUpdated": "2024-08-07T04:48:52.184Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:typo3:typo3:3.3.x:*:*:*:*:*:*:*", "matchCriteriaId": "349BDDAD-35AE-44B6-9623-1ABAAFA16D57", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:3.5.x:*:*:*:*:*:*:*", "matchCriteriaId": "33152254-3B0B-4413-90F3-72A8B1ADDBD0", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:3.6.x:*:*:*:*:*:*:*", "matchCriteriaId": "78413B61-AAB7-485D-BD24-C8A6D7631281", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:3.7.x:*:*:*:*:*:*:*", "matchCriteriaId": "CD6EAF89-59F9-4D06-A7AE-175816BB7E17", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:3.8.x:*:*:*:*:*:*:*", "matchCriteriaId": "CFF63F45-3E42-4DD6-ABD3-BA67D04C8A40", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "25EAE65C-1E17-48CD-B48C-E0BC09FB6596", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "C2F271C6-B5A7-4B06-A3DF-4C7F74090CC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "AC2F89D7-D34C-4ADD-8A9E-34C37122C3C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "F6B33D32-4D59-4768-A2C6-9DC7CD30F5E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "4679B5DF-25FA-40E9-A322-DF1FF1BC7E7C", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "96D69530-AE74-4012-B522-01D0B6B01662", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "5514D17F-95A5-48C5-9F91-554F8D3C3DF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "E46E35EC-FF7B-4510-A5F2-FC230B7477B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "5A671ED2-91AA-4447-8996-A8A16FE753A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "4219A367-8431-4A72-AF73-ED2A853B14E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "74F10D45-FA29-4534-8789-201D194C46B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "884B4418-83A4-4BCB-8019-306285EB418E", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "D93919E9-B3E8-483E-A701-D87570127207", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F6B1326B-CB9E-4B40-85BD-05AF52E6A1D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "FDDEAF6A-8A99-4872-98CC-12BD54515B07", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "8D8185B9-D244-43B3-9DF1-FF137A2108DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "7FFAD319-DDFC-499F-86AB-141FBE435F6E", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "E068CC16-6995-40C6-BA24-9CA334C4CABB", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.3:alpha1:*:*:*:*:*:*", "matchCriteriaId": "231CD899-2DC5-42CD-A4F9-4D00C2C11159", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret (juHash) in an error message, which allows remote attackers to read arbitrary files by including the hash in a request."}, {"lang": "es", "value": "El mecanismo jumpUrl en la biblioteca class.tslib_fe.php en TYPO3 versi\u00f3n 3.3.x hasta 3.8.x, versi\u00f3n 4.0 anterior a 4.0.12, versi\u00f3n 4.1 anterior a 4.1.10, versi\u00f3n 4.2 anterior a 4.2.6 y versi\u00f3n 4.3alpha1, filtra un hash secreto (juHash) en un mensaje de error, que permite a los atacantes remotos leer archivos arbitrarios mediante la inclusi\u00f3n del hash en una petici\u00f3n."}], "id": "CVE-2009-0815", "lastModified": "2024-11-21T01:00:58.503", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-03-05T02:30:00.563", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.debian.org/security/2009/dsa-1720"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2009/02/10/6"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1021710"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.debian.org/security/2009/dsa-1720"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2009/02/10/6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1021710"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}