mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-06-19 17:32:41 +00:00
77 lines
2.5 KiB
JSON
77 lines
2.5 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "secalert@redhat.com",
|
|
"ID": "CVE-2012-1605",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "The Extbase Framework in TYPO3 4.6.x through 4.6.6, 4.7, and 6.0 unserializes untrusted data, which allows remote attackers to unserialize arbitrary objects and possibly execute arbitrary code via vectors related to \"a missing signature (HMAC) for a request argument.\""
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "[oss-security] 20120329 Re: CVE request: TYPO3-CORE-SA-2012-001",
|
|
"refsource": "MLIST",
|
|
"url": "http://www.openwall.com/lists/oss-security/2012/03/30/4"
|
|
},
|
|
{
|
|
"name": "80759",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/80759"
|
|
},
|
|
{
|
|
"name": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/"
|
|
},
|
|
{
|
|
"name": "52771",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/52771"
|
|
}
|
|
]
|
|
}
|
|
} |