CVE-2005-3974

2005-12-03T19:03:00
ID CVE-2005-3974
Type cve
Reporter cve@mitre.org
Modified 2018-10-19T15:39:00

Description

Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3, when running on PHP5, does not correctly enforce user privileges, which allows remote attackers to bypass the "access user profiles" permission.