CVE-2009-0258

Priority
High
Description
The Indexed Search Engine (indexed_search) system extension in TYPO3 4.0.0
through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote
attackers to execute arbitrary commands via a crafted filename containing
shell metacharacters, which is not properly handled by the command-line
indexer.
References
Bugs
Package
Upstream:released (4.0.10, 4.1.8, 4.2.4)
Ubuntu 8.04 LTS (Hardy Heron):ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx):not-affected
Ubuntu 11.10 (Oneiric Ocelot):not-affected
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Ubuntu 12.10 (Quantal Quetzal):not-affected
Ubuntu 13.04 (Raring Ringtail):not-affected
Ubuntu 13.10 (Saucy Salamander):not-affected
Patches:
Vendor:http://www.debian.org/security/2009/dsa-1711
More Information

Valid XHTML 1.0 Strict

Updated: 2013-05-09 15:17:59 UTC (commit 6824)