CVE-2009-1264
Severity Score
4.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Frontend User Registration (sr_feuser_register) extension 2.5.20 and earlier for TYPO3 does not properly verify access rights, which allows remote authenticated users to obtain sensitive information such as passwords via unknown attack vectors.
La extensión Frontend User Registration (sr_feuser_register) v.2.5.20 y anteriores para TYPO3, no comprueba adecuadamente los permisos de acceso, esto permite a usuarios autenticados en remoto obtener información sensible como contraseñas a través de vectores de ataque desconocidos.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2009-04-07 CVE Reserved
- 2009-04-07 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/53278 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://typo3.org/extensions/repository/view/sr_feuser_register/2.5.21 | 2009-04-08 | |
| http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-004 | 2009-04-08 | |
| http://www.securityfocus.com/bid/34374 | 2009-04-08 | |
| http://www.vupen.com/english/advisories/2009/0938 | 2009-04-08 |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/34586 | 2009-04-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Stanislas Rolland Search vendor "Stanislas Rolland" | Sr Feuser Register Search vendor "Stanislas Rolland" for product "Sr Feuser Register" | <= 2.5.20 Search vendor "Stanislas Rolland" for product "Sr Feuser Register" and version " <= 2.5.20" | - |
Affected
| in | Typo3 Search vendor "Typo3" | Typo3 Search vendor "Typo3" for product "Typo3" | * | - |
Safe
|
| Stanislas Rolland Search vendor "Stanislas Rolland" | Sr Feuser Register Search vendor "Stanislas Rolland" for product "Sr Feuser Register" | 1.4 Search vendor "Stanislas Rolland" for product "Sr Feuser Register" and version "1.4" | - |
Affected
| in | Typo3 Search vendor "Typo3" | Typo3 Search vendor "Typo3" for product "Typo3" | * | - |
Safe
|
| Stanislas Rolland Search vendor "Stanislas Rolland" | Sr Feuser Register Search vendor "Stanislas Rolland" for product "Sr Feuser Register" | 1.6 Search vendor "Stanislas Rolland" for product "Sr Feuser Register" and version "1.6" | - |
Affected
| in | Typo3 Search vendor "Typo3" | Typo3 Search vendor "Typo3" for product "Typo3" | * | - |
Safe
|
| Stanislas Rolland Search vendor "Stanislas Rolland" | Sr Feuser Register Search vendor "Stanislas Rolland" for product "Sr Feuser Register" | 2.2.1 Search vendor "Stanislas Rolland" for product "Sr Feuser Register" and version "2.2.1" | - |
Affected
| in | Typo3 Search vendor "Typo3" | Typo3 Search vendor "Typo3" for product "Typo3" | * | - |
Safe
|
| Stanislas Rolland Search vendor "Stanislas Rolland" | Sr Feuser Register Search vendor "Stanislas Rolland" for product "Sr Feuser Register" | 2.2.7 Search vendor "Stanislas Rolland" for product "Sr Feuser Register" and version "2.2.7" | - |
Affected
| in | Typo3 Search vendor "Typo3" | Typo3 Search vendor "Typo3" for product "Typo3" | * | - |
Safe
|
| Stanislas Rolland Search vendor "Stanislas Rolland" | Sr Feuser Register Search vendor "Stanislas Rolland" for product "Sr Feuser Register" | 2.2.8 Search vendor "Stanislas Rolland" for product "Sr Feuser Register" and version "2.2.8" | - |
Affected
| in | Typo3 Search vendor "Typo3" | Typo3 Search vendor "Typo3" for product "Typo3" | * | - |
Safe
|
| Stanislas Rolland Search vendor "Stanislas Rolland" | Sr Feuser Register Search vendor "Stanislas Rolland" for product "Sr Feuser Register" | 2.3 Search vendor "Stanislas Rolland" for product "Sr Feuser Register" and version "2.3" | - |
Affected
| in | Typo3 Search vendor "Typo3" | Typo3 Search vendor "Typo3" for product "Typo3" | * | - |
Safe
|
| Stanislas Rolland Search vendor "Stanislas Rolland" | Sr Feuser Register Search vendor "Stanislas Rolland" for product "Sr Feuser Register" | 2.3.6 Search vendor "Stanislas Rolland" for product "Sr Feuser Register" and version "2.3.6" | - |
Affected
| in | Typo3 Search vendor "Typo3" | Typo3 Search vendor "Typo3" for product "Typo3" | * | - |
Safe
|
| Stanislas Rolland Search vendor "Stanislas Rolland" | Sr Feuser Register Search vendor "Stanislas Rolland" for product "Sr Feuser Register" | 2.4 Search vendor "Stanislas Rolland" for product "Sr Feuser Register" and version "2.4" | - |
Affected
| in | Typo3 Search vendor "Typo3" | Typo3 Search vendor "Typo3" for product "Typo3" | * | - |
Safe
|
| Stanislas Rolland Search vendor "Stanislas Rolland" | Sr Feuser Register Search vendor "Stanislas Rolland" for product "Sr Feuser Register" | 2.5 Search vendor "Stanislas Rolland" for product "Sr Feuser Register" and version "2.5" | - |
Affected
| in | Typo3 Search vendor "Typo3" | Typo3 Search vendor "Typo3" for product "Typo3" | * | - |
Safe
|
| Stanislas Rolland Search vendor "Stanislas Rolland" | Sr Feuser Register Search vendor "Stanislas Rolland" for product "Sr Feuser Register" | 2.5.10 Search vendor "Stanislas Rolland" for product "Sr Feuser Register" and version "2.5.10" | - |
Affected
| in | Typo3 Search vendor "Typo3" | Typo3 Search vendor "Typo3" for product "Typo3" | * | - |
Safe
|