5
CVE-2012-1591
- EPSS 2.4%
- Veröffentlicht 01.10.2012 00:55:01
- Zuletzt bearbeitet 16.06.2026 23:39:49
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The image module in Drupal 7.x before 7.14 does not properly check permissions when caching derivative image styles of private images, which allows remote attackers to read private image styles.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.4% | 0.819 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
http://drupal.org/node/1557938
http://secunia.com/advisories/49012
http://www.mandriva.com/security/advisories?name=MDVSA-2013:074
http://drupal.org/drupal-7.14
http://www.securityfocus.com/bid/53359
http://drupal.org/node/1507988
http://drupalcode.org/project/drupal.git/commit/3bf6761ff7537dc68e22ea73f155134f3cfd41a8