Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-0826HistoryOct 28, 2013 - 10:55 p.m.
CVE-2012-0826
2013-10-2822:55:00
Debian Security Bug Tracker
security-tracker.debian.org
8
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-site request forgery (CSRF) vulnerability in the Aggregator module in Drupal 6.x before 6.23 and 7.x before 7.11 allows remote attackers to hijack the authentication of unspecified victims for requests that update feeds and possibly cause a denial of service (loss of updates due to rate limit) via unspecified vectors.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | drupal7 | < 7.52-2+deb9u11 | drupal7_7.52-2+deb9u11_all.deb |
Related
cvelist
cvelist
CVE-2012-0826
2013-10-28 22:00:00
ubuntucve
ubuntucve
CVE-2012-0826
2013-10-28 00:00:00
prion
prion
Cross site request forgery (csrf)
2013-10-28 22:55:00
cve
cve
CVE-2012-0826
2013-10-28 22:55:03
openvas
openvas
FreeBSD Ports: drupal6
2012-02-12 00:00:00
FreeBSD Ports: drupal6
2012-02-12 00:00:00
Debian Security Advisory DSA 2776-1 (drupal6 - several vulnerabilities)
2013-10-11 00:00:00
nessus
nessus
FreeBSD : drupal -- multiple vulnerabilities (10720fe8-51e0-11e1-91c1-00215c6a37bb)
2012-02-08 00:00:00
Debian DSA-2776-1 : drupal6 - several vulnerabilities
2013-10-13 00:00:00
freebsd
freebsd
drupal -- multiple vulnerabilities
2012-02-01 00:00:00
drupal
drupal
SA-CORE-2012-001 - Drupal core multiple vulnerabilities
2012-02-01 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2776-1] drupal6 security update
2013-10-13 00:00:00
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related for DEBIANCVE:CVE-2012-0826