Lucene search
PRIOn knowledge basePRION:CVE-2012-5653HistoryJan 03, 2013 - 1:55 a.m.
Unrestricted file upload
2013-01-0301:55:00
PRIOn knowledge base
www.prio-n.com
11
The file upload feature in Drupal 6.x before 6.27 and 7.x before 7.18 allows remote authenticated users to bypass the protection mechanism and execute arbitrary PHP code via a null byte in a file name.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 7.0 | |
| debian_linux | eq | 6.0 | |
| drupal | eq | 7.0 alpha5 | |
| drupal | eq | 7.0 dev | |
| drupal | eq | 7.0 alpha7 | |
| drupal | eq | 7.16 | |
| drupal | eq | 7.0 rc2 | |
| drupal | eq | 7.15 | |
| drupal | eq | 7.0 rc4 | |
| drupal | eq | 7.0 beta2 |
References
drupalcode.org/project/drupal.git/commitdiff/b47f95d
drupalcode.org/project/drupal.git/commitdiff/da8023a
osvdb.org/88529
www.debian.org/security/2013/dsa-2776
www.mandriva.com/security/advisories?name=MDVSA-2013:074
www.openwall.com/lists/oss-security/2012/12/20/1
www.securityfocus.com/bid/56993
drupal.org/SA-CORE-2012-004
exchange.xforce.ibmcloud.com/vulnerabilities/80795
Related
ubuntucve
ubuntucve
CVE-2012-5653
2013-01-03 00:00:00
nvd
nvd
CVE-2012-5653
2013-01-03 01:55:03
debiancve
debiancve
CVE-2012-5653
2013-01-03 01:55:00
cve
cve
CVE-2012-5653
2013-01-03 01:55:03
cvelist
cvelist
CVE-2012-5653
2013-01-03 01:00:00
nessus
nessus
Drupal 6.x < 6.27 / 7.x < 7.18 Multiple Vulnerabilities
2012-12-21 00:00:00
Fedora 16 : drupal6-6.27-1.fc16 / drupal7-7.18-1.fc16 (2012-20794)
2013-01-07 00:00:00
Fedora 18 : drupal6-6.27-1.fc18 / drupal7-7.18-1.fc18 (2012-20746)
2013-01-14 00:00:00
drupal
drupal
SA-CORE-2012-004 - Drupal core - Multiple vulnerabilities
2012-12-19 00:00:00
openvas
openvas
Fedora Update for drupal6 FEDORA-2012-20766
2013-01-08 00:00:00
Fedora Update for drupal6 FEDORA-2012-20766
2013-01-08 00:00:00
Fedora Update for drupal6 FEDORA-2012-20794
2013-01-08 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: drupal6-6.27-1.fc17
2013-01-05 06:35:46
[SECURITY] Fedora 18 Update: drupal7-7.18-1.fc18
2013-01-11 23:58:23
[SECURITY] Fedora 18 Update: drupal6-6.27-1.fc18
2013-01-11 23:58:23
debian
debian
[SECURITY] [DSA 2776-1] drupal6 security update
2013-10-11 14:32:46
securityvulns
securityvulns
[SECURITY] [DSA 2776-1] drupal6 security update
2013-10-13 00:00:00