Vulnerability Details : CVE-2010-4068
Unspecified vulnerability in the Extension Manager in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 allows remote authenticated administrators to read and possibly modify arbitrary files via a crafted parameter, a different vulnerability than CVE-2010-3714.
Vulnerability category: Input validation
Exploit prediction scoring system (EPSS) score for CVE-2010-4068
Probability of exploitation activity in the next 30 days: 0.13%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 46 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-4068
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.9
|
MEDIUM | AV:N/AC:M/Au:S/C:P/I:P/A:N |
6.8
|
4.9
|
NIST |
CWE ids for CVE-2010-4068
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-4068
-
http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-020/
Page Not FoundVendor Advisory
-
http://www.debian.org/security/2010/dsa-2121
Debian -- Security Information -- DSA-2121-1 typo3-src
-
http://www.securityfocus.com/bid/43786
TYPO3 Core TYPO3-SA-2010-020 Multiple Security Vulnerabilities
Products affected by CVE-2010-4068
- cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.2.13:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.2.14:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.4:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.2.12:*:*:*:*:*:*:*
- cpe:2.3:a:typo3:typo3:4.3.4:*:*:*:*:*:*:*