CVE-2006-6690

Severity: High

Description

rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in TYPO3 4.0.0 through 4.0.3, 3.7 and 3.8 with the rtehtmlarea extension, and 4.1 beta allows remote authenticated users to execute arbitrary commands via shell metacharacters in the userUid parameter to rtehtmlarea/htmlarea/plugins/SpellChecker/spell-check-logic.php, and possibly another vector.

References

http://www.vupen.com/english/advisories/2006/5094

http://www.securityfocus.com/archive/1/454944/100/0/threaded

http://typo3.org/news-single-view/?tx_newsimporter_pi1%5BshowItem%5D=0&cHash=e4a40a11a9

http://securityreason.com/securityalert/2056

http://secunia.com/advisories/23466

http://secunia.com/advisories/23446

http://lists.netfielders.de/pipermail/typo3-announce/2006/000046.html

http://lists.netfielders.de/pipermail/typo3-announce/2006/000045.html

Details

Source: Mitre, NVD

Published: 2006-12-21

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High