CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-6235

HIGH
7.5
CVSS Severity Score
EPSS Score0.0830%
EPSS Percentile43.17th
Published2014年9月11日
Last Modified2026年5月6日

Vulnerability Description

Unspecified vulnerability in the ke DomPDF extension before 0.0.5 for TYPO3 allows remote attackers to execute arbitrary code via unknown vectors.

Affected Platforms (CPE)

📦
Kennziffer

Ke Dompdf

<= 0.0.3

References & Advisories

🔗 http://typo3.org/extensions/repository/view/ke_dompdf
🔗 http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010
🔗 http://www.securityfocus.com/bid/69563
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/95706
🔗 http://typo3.org/extensions/repository/view/ke_dompdf
🔗 http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010
🔗 http://www.securityfocus.com/bid/69563
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/95706

関連する脆弱性情報

CVE-2021-38389.8

DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into...

CVE-2014-50138.8

DOMPDF before 0.6.2 allows remote code execution, a related issue to CVE-2014-2383.

CVE-2010-48797.5

PHP remote file inclusion vulnerability in dompdf.php in dompdf 0.6.0 beta1 allows remote attackers to execute arbitrary PHP code ...

CVE-2013-07247.5

PHP remote file inclusion vulnerability in includes/generate-pdf.php in the WP ecommerce Shop Styling plugin for WordPress before ...