The Extbase Framework in TYPO3 4.6.x through 4.6.6, 4.7, and 6.0 unserializes untrusted data, which allows remote attackers to unserialize arbitrary objects and possibly execute arbitrary code via vectors related to "a missing signature (HMAC) for a request argument."
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2012-09-04T20:00:00Z

Updated: 2024-09-16T18:38:40.903Z

Reserved: 2012-03-12T00:00:00Z

Link: CVE-2012-1605

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2012-09-04T20:55:01.153

Modified: 2024-11-21T01:37:17.643

Link: CVE-2012-1605

cve-icon Redhat

No data.