The Calendar Base (cal) extension before 1.5.9 and 1.6.x before 1.6.1 for TYPO3 allows remote attackers to cause a denial of service (resource consumption) via vectors related to the PHP PCRE library.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Calender_base | Calender_base_project | * | 1.5.8 (including) |
| Calender_base | Calender_base_project | 1.5.0 (including) | 1.5.0 (including) |
| Calender_base | Calender_base_project | 1.5.1 (including) | 1.5.1 (including) |
| Calender_base | Calender_base_project | 1.5.2 (including) | 1.5.2 (including) |
| Calender_base | Calender_base_project | 1.5.3 (including) | 1.5.3 (including) |
| Calender_base | Calender_base_project | 1.5.4 (including) | 1.5.4 (including) |
| Calender_base | Calender_base_project | 1.5.5 (including) | 1.5.5 (including) |
| Calender_base | Calender_base_project | 1.5.6 (including) | 1.5.6 (including) |
| Calender_base | Calender_base_project | 1.5.7 (including) | 1.5.7 (including) |
| Calender_base | Calender_base_project | 1.6.0 (including) | 1.6.0 (including) |
References
- http://typo3.org/extensions/repository/view/cal
- http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-013/
- http://www.openwall.com/lists/oss-security/2014/10/17/11
- http://www.securityfocus.com/bid/70645
- http://typo3.org/extensions/repository/view/cal
- http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-013/
- http://www.openwall.com/lists/oss-security/2014/10/17/11
- http://www.securityfocus.com/bid/70645