Lucene search

[email protected]CVE-2006-5477

HistoryOct 24, 2006 - 8:07 p.m.

CVE-2006-5477

2006-10-2420:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-5477

drupal

form submission

redirection

vulnerability

nvd

6.7 Medium

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.012 Low

EPSS

Percentile

84.8%

JSON

Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows form submissions to be redirected, which allows remote attackers to obtain arbitrary form information via a crafted URL.

CPENameOperatorVersion
drupal:drupaldrupaleq4.6.0
drupal:drupaldrupaleq4.6.5
drupal:drupaldrupaleq4.7.2
drupal:drupaldrupaleq4.6.9
drupal:drupaldrupaleq4.6.2
drupal:drupaldrupaleq4.6.8
drupal:drupaldrupaleq4.7.3
drupal:drupaldrupaleq4.6.3
drupal:drupaldrupaleq4.6.4
drupal:drupaldrupaleq4.7.0

CPE	Name	Operator	Version
drupal:drupal	drupal	eq	4.6.0
drupal:drupal	drupal	eq	4.6.5
drupal:drupal	drupal	eq	4.7.2
drupal:drupal	drupal	eq	4.6.9
drupal:drupal	drupal	eq	4.6.2
drupal:drupal	drupal	eq	4.6.8
drupal:drupal	drupal	eq	4.7.3
drupal:drupal	drupal	eq	4.6.3
drupal:drupal	drupal	eq	4.6.4
drupal:drupal	drupal	eq	4.7.0

Rows per page:

1-10 of 141

References

drupal.org/node/88828

secunia.com/advisories/22486

securityreason.com/securityalert/1764

www.openpkg.org/security/advisories/OpenPKG-SA-2006.025-drupal.html

www.securityfocus.com/archive/1/449200/100/0/threaded

www.securityfocus.com/bid/20631

www.vupen.com/english/advisories/2006/4120

exchange.xforce.ibmcloud.com/vulnerabilities/29682

6.7 Medium

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.012 Low

EPSS

Percentile

84.8%

JSON

Related for CVE-2006-5477

ubuntucve1