CVE-2009-0256

Name of the Vulnerable Software and Affected Versions TYPO3 versions 4.0.0 through 4.0.9 TYPO3 versions 4.1.0 through 4.1.7 TYPO3 versions 4.2.0 through 4.2.3

Description The issue concerns a session fixation vulnerability in the authentication library. This vulnerability allows remote attackers to hijack web sessions via unspecified vectors related to frontend and backend authentication. The vulnerability may lead to a breach of confidentiality, integrity, and availability of protected information and can be exploited remotely.

Recommendations For versions 4.0.0 through 4.0.9, update to a version outside of this range to mitigate the risk. For versions 4.1.0 through 4.1.7, update to a version outside of this range to mitigate the risk. For versions 4.2.0 through 4.2.3, update to a version outside of this range to mitigate the risk. As a temporary workaround, consider restricting access to the authentication library until a patch is available.