Lucene search

[email protected]NVD:CVE-2012-2067

HistorySep 05, 2012 - 12:55 a.m.

CVE-2012-2067

2012-09-0500:55:15

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

High

EPSS

0.016

Percentile

87.5%

JSON

Unspecified vulnerability in the CKeditor module 6.x-2.x before 6.x-2.3 and the CKEditor module 6.x-1.x before 6.x-1.9 and 7.x-1.x before 7.x-1.7 for Drupal, when the core PHP module is enabled, allows remote authenticated users or remote attackers to execute arbitrary PHP code via the text parameter to a text filter. NOTE: some of these details are obtained from third party information.

Affected configurations

Nvd

Node

ckeditorfckeditorMatch6.x-1.1

ckeditorfckeditorMatch6.x-1.1beta

ckeditorfckeditorMatch6.x-1.1beta2

ckeditorfckeditorMatch6.x-1.2

ckeditorfckeditorMatch6.x-1.2-1

ckeditorfckeditorMatch6.x-1.3

ckeditorfckeditorMatch6.x-1.3beta

ckeditorfckeditorMatch6.x-1.3beta2

ckeditorfckeditorMatch6.x-1.3rc1

ckeditorfckeditorMatch6.x-1.3rc2

ckeditorfckeditorMatch6.x-1.3rc3

ckeditorfckeditorMatch6.x-1.3rc5

ckeditorfckeditorMatch6.x-1.3rc6

ckeditorfckeditorMatch6.x-1.3rc7

ckeditorfckeditorMatch6.x-1.4

ckeditorfckeditorMatch6.x-1.4rc1

ckeditorfckeditorMatch6.x-1.4rc2

ckeditorfckeditorMatch6.x-1.xdev

ckeditorfckeditorMatch6.x-2.0

ckeditorfckeditorMatch6.x-2.0alpha1

ckeditorfckeditorMatch6.x-2.0alpha3

ckeditorfckeditorMatch6.x-2.0alpha4

ckeditorfckeditorMatch6.x-2.0alpha5

ckeditorfckeditorMatch6.x-2.0beta1

ckeditorfckeditorMatch6.x-2.0beta2

ckeditorfckeditorMatch6.x-2.0beta3

ckeditorfckeditorMatch6.x-2.0beta4

ckeditorfckeditorMatch6.x-2.0rc1

ckeditorfckeditorMatch6.x-2.0rc2

ckeditorfckeditorMatch6.x-2.1

ckeditorfckeditorMatch6.x-2.1rc1

ckeditorfckeditorMatch6.x-2.2

ckeditorfckeditorMatch6.x-2.2rc1

ckeditorfckeditorMatch6.x-2.3

ckeditorfckeditorMatch6.x-2.xdev

AND

drupaldrupalMatch-

Node

ckeditorckeditorMatch6.x-1.0

ckeditorckeditorMatch6.x-1.0beta1

ckeditorckeditorMatch6.x-1.1

ckeditorckeditorMatch6.x-1.2

ckeditorckeditorMatch6.x-1.3

ckeditorckeditorMatch6.x-1.4

ckeditorckeditorMatch6.x-1.5

ckeditorckeditorMatch6.x-1.6

ckeditorckeditorMatch6.x-1.7

ckeditorckeditorMatch6.x-1.xdev

ckeditorckeditorMatch7.x-1.0

ckeditorckeditorMatch7.x-1.0rc1

ckeditorckeditorMatch7.x-1.1

ckeditorckeditorMatch7.x-1.2

ckeditorckeditorMatch7.x-1.3

ckeditorckeditorMatch7.x-1.4

ckeditorckeditorMatch7.x-1.5

ckeditorckeditorMatch7.x-1.6

ckeditorckeditorMatch7.x-1.xdev

AND

drupaldrupalMatch-

VendorProductVersionCPE
ckeditorfckeditor6.x-1.1cpe:2.3:a:ckeditor:fckeditor:6.x-1.1:*:*:*:*:*:*:*
ckeditorfckeditor6.x-1.1cpe:2.3:a:ckeditor:fckeditor:6.x-1.1:beta:*:*:*:*:*:*
ckeditorfckeditor6.x-1.1cpe:2.3:a:ckeditor:fckeditor:6.x-1.1:beta2:*:*:*:*:*:*
ckeditorfckeditor6.x-1.2cpe:2.3:a:ckeditor:fckeditor:6.x-1.2:*:*:*:*:*:*:*
ckeditorfckeditor6.x-1.2-1cpe:2.3:a:ckeditor:fckeditor:6.x-1.2-1:*:*:*:*:*:*:*
ckeditorfckeditor6.x-1.3cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:*:*:*:*:*:*:*
ckeditorfckeditor6.x-1.3cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:beta:*:*:*:*:*:*
ckeditorfckeditor6.x-1.3cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:beta2:*:*:*:*:*:*
ckeditorfckeditor6.x-1.3cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:rc1:*:*:*:*:*:*
ckeditorfckeditor6.x-1.3cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:rc2:*:*:*:*:*:*

Vendor	Product	Version	CPE
ckeditor	fckeditor	6.x-1.1	cpe:2.3:a:ckeditor:fckeditor:6.x-1.1:::::::*
ckeditor	fckeditor	6.x-1.1	cpe:2.3:a:ckeditor:fckeditor:6.x-1.1:beta::::::
ckeditor	fckeditor	6.x-1.1	cpe:2.3:a:ckeditor:fckeditor:6.x-1.1:beta2::::::
ckeditor	fckeditor	6.x-1.2	cpe:2.3:a:ckeditor:fckeditor:6.x-1.2:::::::*
ckeditor	fckeditor	6.x-1.2-1	cpe:2.3:a:ckeditor:fckeditor:6.x-1.2-1:::::::*
ckeditor	fckeditor	6.x-1.3	cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:::::::*
ckeditor	fckeditor	6.x-1.3	cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:beta::::::
ckeditor	fckeditor	6.x-1.3	cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:beta2::::::
ckeditor	fckeditor	6.x-1.3	cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:rc1::::::
ckeditor	fckeditor	6.x-1.3	cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:rc2::::::

Rows per page:

1-10 of 551

References

drupal.org/node/1482442

drupal.org/node/1482466

drupal.org/node/1482480

drupal.org/node/1482528

secunia.com/advisories/48435

www.openwall.com/lists/oss-security/2012/04/07/1

www.osvdb.org/80080

exchange.xforce.ibmcloud.com/vulnerabilities/74037

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

High

EPSS

0.016

Percentile

87.5%

JSON

Related for NVD:CVE-2012-2067

cvelist1 prion1 cve1 drupal1