The fileDenyPattern functionality in the PHP file inclusion protection API in TYPO3 4.2.x prior to 4.2.16, 4.3.x prior to 4.3.9, and 4.4.x prior to 4.4.5 does not properly filter file types, which allows remote malicious users to bypass intended access restrictions and access arbitrary PHP files, as demonstrated using path traversal sequences with %00 null bytes and CVE-2010-3714 to read the TYPO3 encryption key from localconf.php.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
typo3 typo3 4.2.0 |
||
typo3 typo3 4.2.7 |
||
typo3 typo3 4.2.8 |
||
typo3 typo3 4.2.15 |
||
typo3 typo3 4.2.3 |
||
typo3 typo3 4.2.4 |
||
typo3 typo3 4.2.11 |
||
typo3 typo3 4.2.12 |
||
typo3 typo3 4.2.5 |
||
typo3 typo3 4.2.6 |
||
typo3 typo3 4.2.13 |
||
typo3 typo3 4.2.14 |
||
typo3 typo3 4.2.1 |
||
typo3 typo3 4.2.2 |
||
typo3 typo3 4.2.9 |
||
typo3 typo3 4.2.10 |
||
typo3 typo3 4.3.7 |
||
typo3 typo3 4.3.8 |
||
typo3 typo3 4.3.2 |
||
typo3 typo3 4.3.3 |
||
typo3 typo3 4.3.4 |
||
typo3 typo3 4.3.5 |
||
typo3 typo3 4.3.6 |
||
typo3 typo3 4.3.0 |
||
typo3 typo3 4.3.1 |
||
typo3 typo3 4.4.1 |
||
typo3 typo3 4.4.2 |
||
typo3 typo3 4.4.3 |
||
typo3 typo3 4.4.4 |
||
typo3 typo3 4.4.0 |
Vulmon