Vulnerability Details CVE-2006-6690
rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 through 4.0.3, 3.7 and 3.8 with the rtehtmlarea extension, and 4.1 beta allows remote authenticated users to execute arbitrary commands via shell metacharacters in the userUid parameter to rtehtmlarea/htmlarea/plugins/SpellChecker/spell-check-logic.php, and possibly another vector.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.162
EPSS Ranking 94.5%
CVSS Severity
CVSS v2 Score 7.5
References
- http://lists.netfielders.de/pipermail/typo3-announce/2006/000045.html
- http://lists.netfielders.de/pipermail/typo3-announce/2006/000046.html
- http://secunia.com/advisories/23446
- http://secunia.com/advisories/23466
- http://securityreason.com/securityalert/2056
- http://securitytracker.com/id?1017428
- http://typo3.org/news-single-view/?tx_newsimporter_pi1%5BshowItem%5D=0&cHash=e4a40a11a9
- http://www.sec-consult.com/272.html
- http://www.securityfocus.com/archive/1/454944/100/0/threaded
- http://www.securityfocus.com/bid/21680
- http://www.vupen.com/english/advisories/2006/5094
- http://lists.netfielders.de/pipermail/typo3-announce/2006/000045.html
- http://lists.netfielders.de/pipermail/typo3-announce/2006/000046.html
- http://secunia.com/advisories/23446
- http://secunia.com/advisories/23466
- http://securityreason.com/securityalert/2056
- http://securitytracker.com/id?1017428
- http://typo3.org/news-single-view/?tx_newsimporter_pi1%5BshowItem%5D=0&cHash=e4a40a11a9
- http://www.sec-consult.com/272.html
- http://www.securityfocus.com/archive/1/454944/100/0/threaded
- http://www.securityfocus.com/bid/21680
- http://www.vupen.com/english/advisories/2006/5094
Products affected by CVE-2006-6690
-
cpe:2.3:a:typo3:typo3:3.7.0
-
cpe:2.3:a:typo3:typo3:3.8
-
cpe:2.3:a:typo3:typo3:4.0
-
cpe:2.3:a:typo3:typo3:4.0.1
-
cpe:2.3:a:typo3:typo3:4.0.2
-
cpe:2.3:a:typo3:typo3:4.0.3