CVE-2009-0255
22.01.2009, 23:30
The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 creates the encryption key with an insufficiently random seed, which makes it easier for attackers to crack the key.Enginsight
Vendor | Product | Version |
---|---|---|
typo3 | typo3 | 4.0 ≤ 𝑥 < 4.0.10 |
typo3 | typo3 | 4.1.0 ≤ 𝑥 < 4.1.8 |
typo3 | typo3 | 4.2.0 ≤ 𝑥 < 4.2.4 |
debian | debian_linux | 4.0 |
𝑥
= Vulnerable software versions

Ubuntu Releases
Common Weakness Enumeration
References