Mehrere Probleme in drupal6
ID: | FEDORA-2012-20794 |
Distribution: | Fedora |
Plattformen: | Fedora 16 |
Datum: | Sa, 5. Januar 2013, 08:33 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5651
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5652 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5653 |
Applikationen: | Drupal |
Originalnachricht |
|
Name : drupal6 Product : Fedora 16 Version : 6.27 Release : 1.fc16 URL : http://www.drupal.org Summary : An open-source content-management platform Description : Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. -------------------------------------------------------------------------------- Update Information: Upstream Drupal has reported SA-CORE-2012-004 [1] which corrects multiple vulnerabilities: 1) Access bypass (User module search - Drupal 6 and 7) 2) Access bypass (Upload module - Drupal 6) 3) Arbitrary PHP code execution (File upload modules - Drupal 6 and 7) CVEs have been requested and are not yet assigned. These flaws have been fixed in Drupal 6.27 and 7.18. [1] http://drupal.org/SA-CORE-2012-004 -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 20 2012 Jon Ciesla |