5

CVE-2012-1056

The Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 for Drupal does not properly enforce permissions for (1) Recent forwards, (2) Most forwarded, or (3) Dynamic blocks, which allows remote attackers to obtain node titles via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Sean RobertsonForward Version6.x-1.0
   DrupalDrupal
Sean RobertsonForward Version6.x-1.1
   DrupalDrupal
Sean RobertsonForward Version6.x-1.2
   DrupalDrupal
Sean RobertsonForward Version6.x-1.3
   DrupalDrupal
Sean RobertsonForward Version6.x-1.4
   DrupalDrupal
Sean RobertsonForward Version6.x-1.5
   DrupalDrupal
Sean RobertsonForward Version6.x-1.6
   DrupalDrupal
Sean RobertsonForward Version6.x-1.7
   DrupalDrupal
Sean RobertsonForward Version6.x-1.8
   DrupalDrupal
Sean RobertsonForward Version6.x-1.9
   DrupalDrupal
Sean RobertsonForward Version6.x-1.10
   DrupalDrupal
Sean RobertsonForward Version6.x-1.11
   DrupalDrupal
Sean RobertsonForward Version6.x-1.12
   DrupalDrupal
Sean RobertsonForward Version6.x-1.13
   DrupalDrupal
Sean RobertsonForward Version6.x-1.14
   DrupalDrupal
Sean RobertsonForward Version6.x-1.15
   DrupalDrupal
Sean RobertsonForward Version6.x-1.16
   DrupalDrupal
Sean RobertsonForward Version6.x-1.17
   DrupalDrupal
Sean RobertsonForward Version6.x-1.18
   DrupalDrupal
Sean RobertsonForward Version6.x-1.19
   DrupalDrupal
Sean RobertsonForward Version6.x-1.20
   DrupalDrupal
Sean RobertsonForward Version6.x-1.x-dev
   DrupalDrupal
Sean RobertsonForward Version7.x-1.0
   DrupalDrupal
Sean RobertsonForward Version7.x-1.0 Updatealpha1
   DrupalDrupal
Sean RobertsonForward Version7.x-1.0 Updatealpha2
   DrupalDrupal
Sean RobertsonForward Version7.x-1.0 Updatealpha3
   DrupalDrupal
Sean RobertsonForward Version7.x-1.0 Updaterc1
   DrupalDrupal
Sean RobertsonForward Version7.x-1.0 Updaterc2
   DrupalDrupal
Sean RobertsonForward Version7.x-1.0 Updaterc3
   DrupalDrupal
Sean RobertsonForward Version7.x-1.0 Updaterc4
   DrupalDrupal
Sean RobertsonForward Version7.x-1.1
   DrupalDrupal
Sean RobertsonForward Version7.x-1.2
   DrupalDrupal
Sean RobertsonForward Version7.x-1.x-dev
   DrupalDrupal
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.5% 0.708
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://drupal.org/node/1423722
Patch
http://drupal.org/node/1425150
Patch
Vendor Advisory
http://osvdb.org/78817
http://secunia.com/advisories/47851
Vendor Advisory
http://www.securityfocus.com/bid/51826
https://exchange.xforce.ibmcloud.com/vulnerabilities/72920