CVE-2010-5101 Information

Description

Directory traversal vulnerability in the TypoScript setup in TYPO3 4.2.x before 4.2.16 4.3.x before 4.3.9 and 4.4.x before 4.4.5 allows remote authenticated administrators to read arbitrary files via unspecified vectors related to the \file inclusion functionality.\

Reference

http://secunia.com/advisories/35770 http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022/ http://www.openwall.com/lists/oss-security/2011/01/13/2 http://www.openwall.com/lists/oss-security/2012/05/10/7 http://www.openwall.com/lists/oss-security/2012/05/11/3 http://www.openwall.com/lists/oss-security/2012/05/12/5 http://www.osvdb.org/70119 http://www.securityfocus.com/bid/45470 https://exchange.xforce.ibmcloud.com/vulnerabilities/64180