CVE-2006-6690 Information
Description
rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 through 4.0.3, 3.7 and 3.8 with the rtehtmlarea extension, and 4.1 beta allows remote authenticated users to execute arbitrary commands via shell metacharacters in the userUid parameter to rtehtmlarea/htmlarea/plugins/SpellChecker/spell-check-logic.php, and possibly another vector.
Reference
http://lists.netfielders.de/pipermail/typo3-announce/2006/000045.html
http://lists.netfielders.de/pipermail/typo3-announce/2006/000046.html
http://secunia.com/advisories/23446
http://secunia.com/advisories/23466
http://securityreason.com/securityalert/2056
http://securitytracker.com/id?1017428
http://typo3.org/news-single-view/?tx_newsimporter_pi15BshowItem5D=0&cHash=e4a40a11a9
http://www.sec-consult.com/272.html
http://www.securityfocus.com/archive/1/454944/100/0/threaded
http://www.securityfocus.com/bid/21680
http://www.vupen.com/english/advisories/2006/5094