Lucene search

K

RedhatCVELIST:CVE-2012-1650

HistoryAug 28, 2012 - 4:00 p.m.

CVE-2012-1650

2012-08-2816:00:00

redhat

www.cve.org

6.3 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.1%

The ZipCart module 6.x before 6.x-1.4 for Drupal checks the “access content” permission instead of the “access ZipCart downloads” permission when building archives, which allows remote authenticated users with access content permission to bypass intended access restrictions.

References

drupalcode.org/project/zipcart.git/commitdiff/fe143c2

www.openwall.com/lists/oss-security/2012/04/07/1

www.osvdb.org/79766

www.securityfocus.com/bid/52231

drupal.org/node/1460892

drupal.org/node/1461446

exchange.xforce.ibmcloud.com/vulnerabilities/73609

6.3 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.1%

Related for CVELIST:CVE-2012-1650

nvd1 drupal1 prion1 cve1