CVE-2016-3171

2016-04-12T15:59:00
ID CVE-2016-3171
Type cve
Reporter cve@mitre.org
Modified 2016-05-09T17:46:00

Description

Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before 5.5.29, or 5.6.x before 5.6.13, might allow remote attackers to execute arbitrary code via vectors related to session data truncation.