NVD

Id
47590  
Name
CVE-2009-0256  
Description
Session fixation vulnerability in the authentication library in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to hijack web sessions via unspecified vectors related to (1) frontend and (2) backend authentication.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-07  
Published
2009-01-22  
Modified Date
2009-01-29  
Seq
2009-0256  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
238477 47590 CVE-2009-0256 http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/  View
238478 47590 CVE-2009-0256 DSA-1711  View
238479 47590 CVE-2009-0256 33376  View
238480 47590 CVE-2009-0256 typo3-library-session-hijacking(48133)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
44745 JVNDB-2009-005752 TYPO3 の認証ライブラリにおけるセッションをハイジャックされる脆弱性 TYPO3 の認証ライブラリは、(1) frontend 認証および (2) backend 認証に関する処理に不備があるため、セッションをハイジャックされる脆弱性が存在します。 CVE-2009-0256 37687 CVE-2009-0256 47590 7.5 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-005752.html 2009-01-22 2012-12-20 View