3.5

CVE-2012-1588

Algorithmic complexity vulnerability in the _filter_url function in the text filtering system (modules/filter/filter.module) in Drupal 7.x before 7.14 allows remote authenticated users with certain roles to cause a denial of service (CPU consumption) via a long email address.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
DrupalDrupal Version7.0
DrupalDrupal Version7.0 Updatealpha1
DrupalDrupal Version7.0 Updatealpha2
DrupalDrupal Version7.0 Updatealpha3
DrupalDrupal Version7.0 Updatealpha4
DrupalDrupal Version7.0 Updatealpha5
DrupalDrupal Version7.0 Updatealpha6
DrupalDrupal Version7.0 Updatealpha7
DrupalDrupal Version7.0 Updatebeta1
DrupalDrupal Version7.0 Updatebeta2
DrupalDrupal Version7.0 Updatebeta3
DrupalDrupal Version7.0 Updatedev
DrupalDrupal Version7.0 Updaterc1
DrupalDrupal Version7.0 Updaterc2
DrupalDrupal Version7.0 Updaterc3
DrupalDrupal Version7.0 Updaterc4
DrupalDrupal Version7.1
DrupalDrupal Version7.2
DrupalDrupal Version7.3
DrupalDrupal Version7.4
DrupalDrupal Version7.5
DrupalDrupal Version7.6
DrupalDrupal Version7.7
DrupalDrupal Version7.8
DrupalDrupal Version7.9
DrupalDrupal Version7.10
DrupalDrupal Version7.11
DrupalDrupal Version7.12
DrupalDrupal Version7.13
DrupalDrupal Version7.x-dev
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.23% 0.651
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 3.5 6.8 2.9
AV:N/AC:M/Au:S/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://drupal.org/node/1557938
Vendor Advisory
http://secunia.com/advisories/49012
http://www.mandriva.com/security/advisories?name=MDVSA-2013:074
http://drupal.org/drupal-7.14
Patch
http://drupal.org/node/1558468
Vendor Advisory
http://drupalcode.org/project/drupal.git/commit/db79496ae983447506f016a20738c3d7e5d059fa
http://www.securityfocus.com/bid/53368