CVE-2006-6690
First published: Thu Dec 21 2006(Updated: )
rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 through 4.0.3, 3.7 and 3.8 with the rtehtmlarea extension, and 4.1 beta allows remote authenticated users to execute arbitrary commands via shell metacharacters in the userUid parameter to rtehtmlarea/htmlarea/plugins/SpellChecker/spell-check-logic.php, and possibly another vector.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| TYPO3 | =4.0.3 | |
| TYPO3 | =4.0.1 | |
| TYPO3 | =4.0.2 | |
| TYPO3 | =4.0 | |
| TYPO3 | =3.7.0 | |
| TYPO3 | =3.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.netfielders.de/pipermail/typo3-announce/2006/000045.html
- http://lists.netfielders.de/pipermail/typo3-announce/2006/000046.html
- http://www.sec-consult.com/272.html
- http://www.securityfocus.com/bid/21680
- http://typo3.org/news-single-view/?tx_newsimporter_pi1%5BshowItem%5D=0&cHash=e4a40a11a9
- http://securitytracker.com/id?1017428
- http://secunia.com/advisories/23446
- http://secunia.com/advisories/23466
- http://securityreason.com/securityalert/2056
- http://www.vupen.com/english/advisories/2006/5094
- http://www.securityfocus.com/archive/1/454944/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2006-6690?
CVE-2006-6690 is rated as high severity due to the potential for remote command execution by authenticated users.
How do I fix CVE-2006-6690?
To fix CVE-2006-6690, upgrade Typo3 to version 4.0.4 or later, as these versions contain patches for this vulnerability.
Who is affected by CVE-2006-6690?
CVE-2006-6690 affects Typo3 versions 4.0.0 through 4.0.3, 3.7, and 3.8 when using the rtehtmlarea extension.
What types of attacks can exploit CVE-2006-6690?
CVE-2006-6690 can be exploited to execute arbitrary shell commands through crafted inputs to the userUid parameter.
Is authentication required to exploit CVE-2006-6690?
Yes, CVE-2006-6690 requires that the attacker be an authenticated user to exploit the vulnerability.
- agent/type
- agent/remedy
- agent/last-modified-date
- agent/first-publish-date
- agent/weakness
- agent/author
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/typo3
- canonical/typo3 typo3
- version/typo3 typo3/4.0.3
- version/typo3 typo3/4.0.1
- version/typo3 typo3/4.0.2
- version/typo3 typo3/4.0
- version/typo3 typo3/3.7.0
- version/typo3 typo3/3.8