Lucene search
Ubuntu.comUB:CVE-2005-3974HistoryDec 03, 2005 - 12:00 a.m.
CVE-2005-3974
2005-12-0300:00:00
ubuntu.com
ubuntu.com
14
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
EPSS
0.005
Percentile
75.3%
Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3, when running on PHP5,
does not correctly enforce user privileges, which allows remote attackers
to bypass the “access user profiles” permission.
Related
cve
cve
CVE-2005-3974
2005-12-03 19:03:00
cvelist
cvelist
CVE-2005-3974
2005-12-03 19:00:00
nvd
nvd
CVE-2005-3974
2005-12-03 19:03:00
osv
osv
drupal - several
2006-01-27 00:00:00
debian
debian
[SECURITY] [DSA 958-1] New drupal packages fix several vulnerabilities
2006-01-27 10:01:55
[SECURITY] [DSA 958-1] New drupal packages fix several vulnerabilities
2006-01-27 10:01:55
openvas
openvas
Debian Security Advisory DSA 958-1 (drupal)
2008-01-17 00:00:00
FreeBSD Ports: drupal
2008-09-04 00:00:00
Debian: Security Advisory (DSA-958-1)
2008-01-17 00:00:00
nessus
nessus
Debian DSA-958-1 : drupal - several vulnerabilities
2006-10-14 00:00:00
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
EPSS
0.005
Percentile
75.3%
Related for UB:CVE-2005-3974