“”

[Smile] JumpURL HotFix [Smile] JumpURL HotFix

smile_jumpurl_fix / obsolete

Fix Typo3 Bug "typo3-sa-2009-002": An Information Disclosure vulnerability in jumpUrl mechanism, used to track access on web pages and provided files, allows a remote attacker to read arbitrary files on a host. The expected value of a mandatory hash secret, intended to invalidate such requests, is exposed to remote users allowing them to bypass access control by providing the correct value. Theres no authentication required to exploit this vulnerability. The vulnerability allows to read any file, the web server user account has access to. http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2009-002/ See README.txt in the extension package.

This version supports TYPO3

Last upload comment

Now obsolete. Please update core.

Downloads by month

Download 2.0.1
Author
Smile
Last update
14. May 2014
First upload
13. Feb 2009
Downloads
1,056
Category
Miscellaneous
Dependencies
  • TYPO3 (4.1.0 - 4.2.5)

Installation

  1. Download ZIP file
  2. Log into your TYPO3 backend
  3. Go to Extension Manager module
  4. Press the upload button on the top bar
  5. Select the ZIP file and upload it. If you want to overwrite an existing extension installation, activate the checkbox.
  1. Download T3X file
  2. Log into your TYPO3 backend
  3. Go to Extension Manager module
  4. Press the upload button on the top bar
  5. Select the T3X file and upload it. If you want to overwrite an existing extension installation, activate the checkbox.

Version history

Version Upload comment Works with TYPO3 Download
2.0.1 / obsolete
May 14, 2014 		Now obsolete. Please update core.
4.1.0 - 4.2.5 Download
2.0.0 / stable
February 13, 2009 		First Public Release.
This extension hotfix the "typo3-sa-2009-002" bug.
You do not need this extension if youre using Typo3 4.2.6 or more recent.
Download