CVE-2012-1607 Information

Description

The Command Line Interface (CLI) script in TYPO3 4.4.0 through 4.4.13 4.5.0 through 4.5.13 4.6.0 through 4.6.6 4.7 and 6.0 allows remote attackers to obtain the database name via a direct request.

Reference

http://osvdb.org/80761 http://secunia.com/advisories/48622 http://secunia.com/advisories/48647 http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/ http://www.debian.org/security/2012/dsa-2445 http://www.openwall.com/lists/oss-security/2012/03/30/4 http://www.securityfocus.com/bid/52771