Published: 04/01/2015 Updated: 06/01/2015

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

The frontend rendering component in TYPO3 4.5.x prior to 4.5.39, 4.6.x up to and including 6.2.x prior to 6.2.9, and 7.x prior to 7.0.2, when config.prefixLocalAnchors is set to all or cached, allows remote malicious users to have an unspecified impact (possibly resource consumption) via a "Cache Poisoning" attack using a URL with arbitrary arguments, which triggers a reload of the page.

Vulnerable Product	Search on Vulmon	Subscribe to Product
typo3 typo3 7.0.0
typo3 typo3 7.0.1
typo3 typo3 6.0
typo3 typo3 6.0.1
typo3 typo3 6.0.9
typo3 typo3 6.1
typo3 typo3 6.1.1
typo3 typo3 6.1.2
typo3 typo3 6.2.3
typo3 typo3 6.2.4
typo3 typo3 6.2.5
typo3 typo3 6.2.6
typo3 typo3 4.7.19
typo3 typo3 4.7.20
typo3 typo3 4.7.2
typo3 typo3 4.7.3
typo3 typo3 4.6.14
typo3 typo3 4.6.15
typo3 typo3 4.6.16
typo3 typo3 4.6.17
typo3 typo3 4.5.12
typo3 typo3 4.5.13
typo3 typo3 4.5.14
typo3 typo3 4.5.15
typo3 typo3 4.5.28
typo3 typo3 4.5.29
typo3 typo3 4.5.3
typo3 typo3 4.5.30
typo3 typo3 4.5.8
typo3 typo3 4.5.9
typo3 typo3 6.0.10
typo3 typo3 6.0.12
typo3 typo3 6.0.6
typo3 typo3 6.0.8
typo3 typo3 6.1.3
typo3 typo3 6.1.5
typo3 typo3 6.2.0
typo3 typo3 6.2.1
typo3 typo3 6.2.8
typo3 typo3 4.7.1
typo3 typo3 4.7.14
typo3 typo3 4.7.16
typo3 typo3 4.7.18
typo3 typo3 4.7.4
typo3 typo3 4.7.6
typo3 typo3 4.6.11
typo3 typo3 4.6.13
typo3 typo3 4.6.18
typo3 typo3 4.6.3
typo3 typo3 4.6.5
typo3 typo3 4.5.0
typo3 typo3 4.5.10
typo3 typo3 4.5.17
typo3 typo3 4.5.19
typo3 typo3 4.5.25
typo3 typo3 4.5.27
typo3 typo3 4.5.31
typo3 typo3 4.5.33
typo3 typo3 4.5.5
typo3 typo3 4.5.7
typo3 typo3 6.0.14
typo3 typo3 6.0.2
typo3 typo3 6.0.3
typo3 typo3 6.0.4
typo3 typo3 6.1.7
typo3 typo3 6.1.8
typo3 typo3 6.1.9
typo3 typo3 6.2
typo3 typo3 4.7.10
typo3 typo3 4.7.11
typo3 typo3 4.7.12
typo3 typo3 4.7.13
typo3 typo3 4.7.8
typo3 typo3 4.7.9
typo3 typo3 4.6.0
typo3 typo3 4.6.1
typo3 typo3 4.6.6
typo3 typo3 4.6.7
typo3 typo3 4.6.8
typo3 typo3 4.6.9
typo3 typo3 4.5.2
typo3 typo3 4.5.20
typo3 typo3 4.5.21
typo3 typo3 4.5.22
typo3 typo3 4.5.23
typo3 typo3 4.5.35
typo3 typo3 4.5.36
typo3 typo3 4.5.37
typo3 typo3 4.5.38
typo3 typo3 6.0.11
typo3 typo3 6.0.13
typo3 typo3 6.0.5
typo3 typo3 6.0.7
typo3 typo3 6.1.4
typo3 typo3 6.1.6
typo3 typo3 6.2.2
typo3 typo3 6.2.7
typo3 typo3 4.7.0
typo3 typo3 4.7.15
typo3 typo3 4.7.17
typo3 typo3 4.7.5
typo3 typo3 4.7.7
typo3 typo3 4.6.10
typo3 typo3 4.6.12
typo3 typo3 4.6.2
typo3 typo3 4.6.4
typo3 typo3 4.5.1
typo3 typo3 4.5.11
typo3 typo3 4.5.16
typo3 typo3 4.5.18
typo3 typo3 4.5.24
typo3 typo3 4.5.26
typo3 typo3 4.5.32
typo3 typo3 4.5.34
typo3 typo3 4.5.4
typo3 typo3 4.5.6

CWE-20 http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/https://nvd.nist.gov

Get Started

CVE-2014-9509

Vulnerability Summary

References

Vulmon Search

About

Products

Connect