High severity7.5NVD Advisory· Published Jan 22, 2009· Updated Jun 16, 2026
CVE-2009-0255
CVE-2009-0255
Description
The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 creates the encryption key with an insufficiently random seed, which makes it easier for attackers to crack the key.
Affected products
4- Range: 4.0.0-4.0.9, 4.1.0-4.1.7, 4.2.0-4.2.3
Patches
Vulnerability mechanics
References
6- secunia.com/advisories/33617nvdBroken LinkVendor Advisory
- secunia.com/advisories/33679nvdBroken LinkVendor Advisory
- typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/nvdVendor Advisory
- www.securityfocus.com/bid/33376nvdBroken LinkThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/48132nvdThird Party AdvisoryVDB Entry
- www.debian.org/security/2009/dsa-1711nvdMailing List
News mentions
0No linked articles in our index yet.