Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-5653HistoryJan 03, 2013 - 1:55 a.m.
CVE-2012-5653
2013-01-0301:55:00
Debian Security Bug Tracker
security-tracker.debian.org
12
0.012 Low
EPSS
Percentile
85.5%
The file upload feature in Drupal 6.x before 6.27 and 7.x before 7.18 allows remote authenticated users to bypass the protection mechanism and execute arbitrary PHP code via a null byte in a file name.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | drupal7 | < 7.52-2+deb9u11 | drupal7_7.52-2+deb9u11_all.deb |
Related
nvd
nvd
CVE-2012-5653
2013-01-03 01:55:03
ubuntucve
ubuntucve
CVE-2012-5653
2013-01-03 00:00:00
cve
cve
CVE-2012-5653
2013-01-03 01:55:03
prion
prion
Unrestricted file upload
2013-01-03 01:55:00
cvelist
cvelist
CVE-2012-5653
2013-01-03 01:00:00
openvas
openvas
Fedora Update for drupal6 FEDORA-2012-20766
2013-01-08 00:00:00
Fedora Update for drupal6 FEDORA-2012-20794
2013-01-08 00:00:00
Fedora Update for drupal6 FEDORA-2012-20766
2013-01-08 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: drupal6-6.27-1.fc17
2013-01-05 06:35:46
[SECURITY] Fedora 16 Update: drupal6-6.27-1.fc16
2013-01-05 06:36:30
[SECURITY] Fedora 18 Update: drupal7-7.18-1.fc18
2013-01-11 23:58:23
nessus
nessus
Drupal 6.x < 6.27 / 7.x < 7.18 Multiple Vulnerabilities
2012-12-21 00:00:00
Fedora 16 : drupal6-6.27-1.fc16 / drupal7-7.18-1.fc16 (2012-20794)
2013-01-07 00:00:00
Fedora 17 : drupal6-6.27-1.fc17 / drupal7-7.18-1.fc17 (2012-20766)
2013-01-07 00:00:00
drupal
drupal
SA-CORE-2012-004 - Drupal core - Multiple vulnerabilities
2012-12-19 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2776-1] drupal6 security update
2013-10-13 00:00:00
debian
debian
[SECURITY] [DSA 2776-1] drupal6 security update
2013-10-11 14:32:46