5

CVE-2012-1591

The image module in Drupal 7.x before 7.14 does not properly check permissions when caching derivative image styles of private images, which allows remote attackers to read private image styles.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
DrupalDrupal Version7.0
DrupalDrupal Version7.0 Updatealpha1
DrupalDrupal Version7.0 Updatealpha2
DrupalDrupal Version7.0 Updatealpha3
DrupalDrupal Version7.0 Updatealpha4
DrupalDrupal Version7.0 Updatealpha5
DrupalDrupal Version7.0 Updatealpha6
DrupalDrupal Version7.0 Updatealpha7
DrupalDrupal Version7.0 Updatebeta1
DrupalDrupal Version7.0 Updatebeta2
DrupalDrupal Version7.0 Updatebeta3
DrupalDrupal Version7.0 Updatedev
DrupalDrupal Version7.0 Updaterc1
DrupalDrupal Version7.0 Updaterc2
DrupalDrupal Version7.0 Updaterc3
DrupalDrupal Version7.0 Updaterc4
DrupalDrupal Version7.1
DrupalDrupal Version7.2
DrupalDrupal Version7.3
DrupalDrupal Version7.4
DrupalDrupal Version7.5
DrupalDrupal Version7.6
DrupalDrupal Version7.7
DrupalDrupal Version7.8
DrupalDrupal Version7.9
DrupalDrupal Version7.10
DrupalDrupal Version7.11
DrupalDrupal Version7.12
DrupalDrupal Version7.13
DrupalDrupal Version7.x-dev
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.46% 0.634
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.