Release Date: October 20, 2011
Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
Affected Versions: Version 0.21.0 and all versions below
Vulnerability Type: Remote Command Execution, Remote File Disclosure
Severity: Critical
Suggested CVSS v2.0: AV:N/AC:L/Au:N/C:C/I:P/A:P/E:F/RL:OF/RC:C
Problem Description: The extension bundles the html2ps library to create PDFs, including its main script html2ps.php. Because that script neither validates nor sanitizes user-supplied data, it is susceptible to Remote Command Execution and to potential disclosure of files and web resources that are reachable from the web server's network.
Solution: An updated version 0.21.1 is available from the TYPO3 extension manager and at http://typo3.org/extensions/repository/view/pdf_generator2/0.21.1/. Users of the extension are advised to update the extension as soon as possible.
Credits: Thanks to Arnaud Labenne and Thorsten Boock who discovered and reported the issues.
General advice: Follow the recommendations given in the TYPO3 Security Cookbook. Please subscribe to the typo3-announce mailing list to receive future Security Bulletins via e-mail.