4.6

CVE-2006-1227

Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8, when menu.module is used to create a menu item, does not implement access control for the page that is referenced, which might allow remote attackers to access administrator pages.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
DrupalDrupal Version4.5.0
DrupalDrupal Version4.5.1
DrupalDrupal Version4.5.2
DrupalDrupal Version4.5.3
DrupalDrupal Version4.5.4
DrupalDrupal Version4.5.5
DrupalDrupal Version4.5.6
DrupalDrupal Version4.5.7
DrupalDrupal Version4.6.0
DrupalDrupal Version4.6.1
DrupalDrupal Version4.6.2
DrupalDrupal Version4.6.3
DrupalDrupal Version4.6.4
DrupalDrupal Version4.6.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.87% 0.54
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/19245
Patch
Vendor Advisory
http://secunia.com/advisories/19257
Patch
Vendor Advisory
http://www.debian.org/security/2006/dsa-1007
Patch
Vendor Advisory
http://www.securityfocus.com/bid/17104
http://drupal.org/node/53796
Patch
Vendor Advisory
http://securityreason.com/securityalert/578
http://www.osvdb.org/23909
Patch
http://www.securityfocus.com/archive/1/427587/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/25197