CVE-2012-3529 Information

Description

The configuration module in the backend in TYPO3 4.5.x before 4.5.19 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to obtain the encryption key via unspecified vectors.

Reference

http://osvdb.org/84775 http://secunia.com/advisories/50287 http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004/ http://www.debian.org/security/2012/dsa-2537 http://www.openwall.com/lists/oss-security/2012/08/22/8 https://exchange.xforce.ibmcloud.com/vulnerabilities/77793