What is the severity of CVE-2010-3664?

CVE-2010-3664 is classified as a medium severity vulnerability due to its potential for information disclosure in the TYPO3 backend.

How do I fix CVE-2010-3664?

To fix CVE-2010-3664, upgrade TYPO3 to versions 4.1.14, 4.2.13, 4.3.4, or 4.4.1.

Which TYPO3 versions are affected by CVE-2010-3664?

CVE-2010-3664 affects TYPO3 versions before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4, and 4.4.x before 4.4.1.

What does CVE-2010-3664 allow attackers to do?

CVE-2010-3664 allows attackers to gain unauthorized access to sensitive information through the TYPO3 backend.

Is there a patch available for CVE-2010-3664?

Yes, TYPO3 provided patches in the updated versions to mitigate the information disclosure vulnerability described in CVE-2010-3664.

Vulnerability/
CVE-2010-3664

medium

6.5

CWE

200

4/11/2019

21/4/2022

6/2/2024

CVE-2010-3664: Infoleak

First published: Mon Nov 04 2019(Updated: )

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Information Disclosure on the backend.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
composer/typo3/cms-backend	>=4.4.0<4.4.1	4.4.1
composer/typo3/cms-backend	>=4.3.0<4.3.4	4.3.4
composer/typo3/cms-backend	>=4.2.0<4.2.13	4.2.13
composer/typo3/cms-backend	<4.1.14	4.1.14
debian/typo3-src
Typo3 Typo3	>=4.4.0<4.4.1
Typo3 Typo3	>=4.3.0<4.3.4
Typo3 Typo3	<4.1.14
Typo3 Typo3	>=4.2.0<4.2.13
TYPO3	<4.1.14
TYPO3	>=4.2.0<4.2.13
TYPO3	>=4.3.0<4.3.4
TYPO3	>=4.4.0<4.4.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-3664?
CVE-2010-3664 is classified as a medium severity vulnerability due to its potential for information disclosure in the TYPO3 backend.
How do I fix CVE-2010-3664?
To fix CVE-2010-3664, upgrade TYPO3 to versions 4.1.14, 4.2.13, 4.3.4, or 4.4.1.
Which TYPO3 versions are affected by CVE-2010-3664?
CVE-2010-3664 affects TYPO3 versions before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4, and 4.4.x before 4.4.1.
What does CVE-2010-3664 allow attackers to do?
CVE-2010-3664 allows attackers to gain unauthorized access to sensitive information through the TYPO3 backend.
Is there a patch available for CVE-2010-3664?
Yes, TYPO3 provided patches in the updated versions to mitigate the information disclosure vulnerability described in CVE-2010-3664.

agent/type
agent/first-publish-date
collector/github-advisory-latest
source/GitHub
alias/GHSA-8xp9-99h5-4vcg
alias/CVE-2010-3664
agent/software-canonical-lookup
agent/severity
agent/weakness
agent/references
agent/last-modified-date
agent/description
collector/security-tracker-debian
source/Debian
agent/author
agent/event
collector/github-advisory
agent/trending
agent/source
agent/softwarecombine
collector/nvd-historical
agent/software-canonical-lookup-request
agent/tags
collector/nvd-cve
source/NVD
collector/nvd-index
package-manager/composer
package-manager/debian
vendor/typo3
canonical/typo3 typo3
version/typo3 typo3/4.4.0
version/typo3 typo3/4.3.0
version/typo3 typo3/4.2.0
canonical/typo3
version/typo3/4.2.0
version/typo3/4.3.0
version/typo3/4.4.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.