SB2015010402 - Multiple vulnerabilities in TYPO3

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Input validation error (CVE-ID: CVE-2014-9509)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x through 6.2.x before 6.2.9, and 7.x before 7.0.2, when config.prefixLocalAnchors is set to all or cached, allows remote attackers to have an unspecified impact (possibly resource consumption) via a "Cache Poisoning" attack using a URL with arbitrary arguments, which triggers a reload of the page.

2) Link following (CVE-ID: CVE-2014-9508)

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x through 6.2.x before 6.2.9, and 7.x before 7.0.2, when config.prefixLocalAnchors is set and using a homepage with links that only contain anchors, allows remote attackers to change URLs to arbitrary domains for those links via unknown vectors.

Remediation

Install update from vendor's website.

References

• http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/
• http://lists.opensuse.org/opensuse-updates/2016-08/msg00106.html