Lucene search
Ubuntu.comUB:CVE-2012-4553HistoryNov 11, 2012 - 12:00 a.m.
CVE-2012-4553
2012-11-1100:00:00
ubuntu.com
ubuntu.com
14
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
75.2%
Drupal 7.x before 7.16 allows remote attackers to obtain sensitive
information and possibly re-install Drupal and execute arbitrary PHP code
via an external database server, related to “transient conditions.”
Bugs
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690817>
- <https://bugs.launchpad.net/ubuntu/+source/drupal7/+bug/1075455>
Notes
| Author | Note |
|---|---|
| seth-arnold | mitigated if webserver user cannot write to drupal code or data though information leak through install.php is also possible |
Related
cve
cve
CVE-2012-4553
2022-10-03 16:15:33
debiancve
debiancve
CVE-2012-4553
2012-11-11 13:00:00
nvd
nvd
CVE-2012-4553
2012-11-11 13:00:55
cvelist
cvelist
CVE-2012-4553
2022-10-03 16:15:33
prion
prion
Design/Logic Flaw
2012-11-11 13:00:00
openvas
openvas
FreeBSD Ports: drupal7
2012-11-26 00:00:00
FreeBSD Ports: drupal7
2012-11-26 00:00:00
nessus
nessus
Drupal 7.x < 7.16 Multiple Vulnerabilities
2012-10-24 00:00:00
drupal
drupal
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
75.2%
Related for UB:CVE-2012-4553