CVE-2012-1607
Published: 4 September 2012
The Command Line Interface (CLI) script in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to obtain the database name via a direct request.
Notes
| Author | Note |
|---|---|
| tyhicks | Affected Versions: 4.4.0 up to 4.4.13, 4.5.0 up to 4.5.13, 4.6.0 up to 4.6.6 |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
typo3-src Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
| bionic |
Does not exist
|
|
| hardy |
Ignored
(end of life)
|
|
| lucid |
Ignored
(end of life)
|
|
| maverick |
Ignored
(end of life)
|
|
| natty |
Released
(4.3.9+dfsg1-1+squeeze3build0.11.04.1)
|
|
| oneiric |
Ignored
(end of life)
|
|
| precise |
Ignored
(end of life)
|
|
| quantal |
Ignored
(end of life)
|
|
| raring |
Ignored
(end of life)
|
|
| saucy |
Ignored
(end of life)
|
|
| trusty |
Does not exist
(trusty was not-affected [4.5.32+dfsg1-1])
|
|
| upstream |
Released
(4.5.14+dfsg1-1)
|
|
| utopic |
Ignored
(end of life)
|
|
| vivid |
Ignored
(end of life)
|
|
| wily |
Does not exist
|
|
| xenial |
Does not exist
|
|
| yakkety |
Does not exist
|
|
| zesty |
Does not exist
|