mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
108 lines
3.4 KiB
JSON
108 lines
3.4 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "cve@mitre.org",
|
|
"ID" : "CVE-2008-2717",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "n/a",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, uses an insufficiently restrictive default fileDenyPattern for Apache, which allows remote attackers to bypass security restrictions and upload configuration files such as .htaccess, or conduct file upload attacks using multiple extensions."
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"name" : "20080611 TYPO3 Security Bulletin TYPO3-20080611-1: Multiple vulnerabilities in TYPO3 Core",
|
|
"refsource" : "BUGTRAQ",
|
|
"url" : "http://www.securityfocus.com/archive/1/493270/100/0/threaded"
|
|
},
|
|
{
|
|
"name" : "http://buzz.typo3.org/teams/security/article/advice-on-core-security-issue-regarding-filedenypattern/",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://buzz.typo3.org/teams/security/article/advice-on-core-security-issue-regarding-filedenypattern/"
|
|
},
|
|
{
|
|
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-20080611-1/",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-20080611-1/"
|
|
},
|
|
{
|
|
"name" : "DSA-1596",
|
|
"refsource" : "DEBIAN",
|
|
"url" : "http://www.debian.org/security/2008/dsa-1596"
|
|
},
|
|
{
|
|
"name" : "29657",
|
|
"refsource" : "BID",
|
|
"url" : "http://www.securityfocus.com/bid/29657"
|
|
},
|
|
{
|
|
"name" : "ADV-2008-1802",
|
|
"refsource" : "VUPEN",
|
|
"url" : "http://www.vupen.com/english/advisories/2008/1802"
|
|
},
|
|
{
|
|
"name" : "30619",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/30619"
|
|
},
|
|
{
|
|
"name" : "30660",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/30660"
|
|
},
|
|
{
|
|
"name" : "3945",
|
|
"refsource" : "SREASON",
|
|
"url" : "http://securityreason.com/securityalert/3945"
|
|
},
|
|
{
|
|
"name" : "typo3-filename-file-upload(42988)",
|
|
"refsource" : "XF",
|
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42988"
|
|
}
|
|
]
|
|
}
|
|
}
|