mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
107 lines
3.7 KiB
JSON
107 lines
3.7 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2008-2717",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, uses an insufficiently restrictive default fileDenyPattern for Apache, which allows remote attackers to bypass security restrictions and upload configuration files such as .htaccess, or conduct file upload attacks using multiple extensions."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "29657",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/29657"
|
|
},
|
|
{
|
|
"name": "http://buzz.typo3.org/teams/security/article/advice-on-core-security-issue-regarding-filedenypattern/",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://buzz.typo3.org/teams/security/article/advice-on-core-security-issue-regarding-filedenypattern/"
|
|
},
|
|
{
|
|
"name": "30619",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/30619"
|
|
},
|
|
{
|
|
"name": "20080611 TYPO3 Security Bulletin TYPO3-20080611-1: Multiple vulnerabilities in TYPO3 Core",
|
|
"refsource": "BUGTRAQ",
|
|
"url": "http://www.securityfocus.com/archive/1/493270/100/0/threaded"
|
|
},
|
|
{
|
|
"name": "typo3-filename-file-upload(42988)",
|
|
"refsource": "XF",
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42988"
|
|
},
|
|
{
|
|
"name": "DSA-1596",
|
|
"refsource": "DEBIAN",
|
|
"url": "http://www.debian.org/security/2008/dsa-1596"
|
|
},
|
|
{
|
|
"name": "ADV-2008-1802",
|
|
"refsource": "VUPEN",
|
|
"url": "http://www.vupen.com/english/advisories/2008/1802"
|
|
},
|
|
{
|
|
"name": "30660",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/30660"
|
|
},
|
|
{
|
|
"name": "http://typo3.org/teams/security/security-bulletins/typo3-20080611-1/",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://typo3.org/teams/security/security-bulletins/typo3-20080611-1/"
|
|
},
|
|
{
|
|
"name": "3945",
|
|
"refsource": "SREASON",
|
|
"url": "http://securityreason.com/securityalert/3945"
|
|
}
|
|
]
|
|
}
|
|
} |