CVE-2011-4614 - Vulnerability Details - OpenCVE

PHP remote file inclusion vulnerability in Classes/Controller/AbstractController.php in the workspaces system extension in TYPO3 4.5.x before 4.5.9, 4.6.x before 4.6.2, and development versions of 4.7 allows remote attackers to execute arbitrary PHP code via a URL in the BACK_PATH parameter.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Typo3	Typo3

Configuration 1 [-]

OR	cpe:2.3:a:typo3:typo3:4.5:::::::*
	cpe:2.3:a:typo3:typo3:4.5.1:::::::*
	cpe:2.3:a:typo3:typo3:4.5.2:::::::*
	cpe:2.3:a:typo3:typo3:4.5.3:::::::*
	cpe:2.3:a:typo3:typo3:4.5.4:::::::*
	cpe:2.3:a:typo3:typo3:4.5.5:::::::*
	cpe:2.3:a:typo3:typo3:4.5.6:::::::*
	cpe:2.3:a:typo3:typo3:4.5.7:::::::*
	cpe:2.3:a:typo3:typo3:4.5.8:::::::*

Configuration 2 [-]

OR	cpe:2.3:a:typo3:typo3:4.6:::::::*
	cpe:2.3:a:typo3:typo3:4.6.1:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/47201
http://typo3.org/fileadmin/security-team/bug32571/32571.diff
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-004/
http://www.openwall.com/lists/oss-security/2011/12/16/1
http://www.osvdb.org/77776

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2012-02-18T00:00:00Z

Updated: 2024-09-17T04:24:23.972Z

Reserved: 2011-11-29T00:00:00Z

Link: CVE-2011-4614

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2012-02-18T00:55:02.213

Modified: 2025-04-11T00:51:21.963

Link: CVE-2011-4614

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "PHP remote file inclusion vulnerability in Classes/Controller/AbstractController.php in the workspaces system extension in TYPO3 4.5.x before 4.5.9, 4.6.x before 4.6.2, and development versions of 4.7 allows remote attackers to execute arbitrary PHP code via a URL in the BACK_PATH parameter."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-02-18T00:00:00Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "77776", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/77776"}, {"name": "47201", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/47201"}, {"name": "[oss-security] 20111216 TYPO3 typo3-core-sa-2011-004", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/12/16/1"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-004/"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://typo3.org/fileadmin/security-team/bug32571/32571.diff"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2011-4614", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "PHP remote file inclusion vulnerability in Classes/Controller/AbstractController.php in the workspaces system extension in TYPO3 4.5.x before 4.5.9, 4.6.x before 4.6.2, and development versions of 4.7 allows remote attackers to execute arbitrary PHP code via a URL in the BACK_PATH parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "77776", "refsource": "OSVDB", "url": "http://www.osvdb.org/77776"}, {"name": "47201", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/47201"}, {"name": "[oss-security] 20111216 TYPO3 typo3-core-sa-2011-004", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2011/12/16/1"}, {"name": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-004/", "refsource": "CONFIRM", "url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-004/"}, {"name": "http://typo3.org/fileadmin/security-team/bug32571/32571.diff", "refsource": "CONFIRM", "url": "http://typo3.org/fileadmin/security-team/bug32571/32571.diff"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T00:09:19.339Z"}, "title": "CVE Program Container", "references": [{"name": "77776", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/77776"}, {"name": "47201", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/47201"}, {"name": "[oss-security] 20111216 TYPO3 typo3-core-sa-2011-004", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/12/16/1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-004/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://typo3.org/fileadmin/security-team/bug32571/32571.diff"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-4614", "datePublished": "2012-02-18T00:00:00Z", "dateReserved": "2011-11-29T00:00:00Z", "dateUpdated": "2024-09-17T04:24:23.972Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:typo3:typo3:4.5:*:*:*:*:*:*:*", "matchCriteriaId": "9788D5CD-FEAA-4D07-8252-4176AD0BC0C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "868534F5-9CEE-48F8-BD2F-EDD8F9F5D302", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "3AD9A9F1-28EA-4B39-9D2D-74E7F86B1355", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "4D2B855F-5281-4DE6-A3C2-F579FDE5FD60", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "4F773E8B-F81C-4A04-8A78-0576CB899A43", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "D2B48937-411B-468D-B35C-73BA0DCE7A03", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "867200CE-C689-4E6F-9D56-565B6D841494", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "E3EDD9F0-BBE2-4A79-B1A1-6CD31939A5EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "1AAEAFB6-4FA3-4586-A7D6-ED269433220A", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:typo3:typo3:4.6:*:*:*:*:*:*:*", "matchCriteriaId": "4D42D56A-2A1D-4FAA-961D-304E916BEF80", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "5FAAF258-882A-46AE-B32C-7569A79C1DAC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "PHP remote file inclusion vulnerability in Classes/Controller/AbstractController.php in the workspaces system extension in TYPO3 4.5.x before 4.5.9, 4.6.x before 4.6.2, and development versions of 4.7 allows remote attackers to execute arbitrary PHP code via a URL in the BACK_PATH parameter."}, {"lang": "es", "value": "Vulnerabilidad de inclusi\u00f3n remota de archivo PHP en Classes/Controller/AbstractController.php en la extensi\u00f3n del sistema de espacios de trabajo de TYPO3 v4.5.x antes de v4.5.9, v4.6.x antes de v4.6.2 y versiones de desarrollo de v4.7 permite a atacantes remotos ejecutar c\u00f3digo PHP de su elecci\u00f3n a trav\u00e9s de una URL en el par\u00e1metro BACK_PATH."}], "id": "CVE-2011-4614", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-02-18T00:55:02.213", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47201"}, {"source": "secalert@redhat.com", "url": "http://typo3.org/fileadmin/security-team/bug32571/32571.diff"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-004/"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2011/12/16/1"}, {"source": "secalert@redhat.com", "url": "http://www.osvdb.org/77776"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47201"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://typo3.org/fileadmin/security-team/bug32571/32571.diff"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-004/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2011/12/16/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/77776"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}