Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-0246HistoryJul 16, 2013 - 6:55 p.m.
CVE-2013-0246
2013-07-1618:55:00
Debian Security Bug Tracker
security-tracker.debian.org
8
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
The Image module in Drupal 7.x before 7.19, when a private file system is used, does not properly restrict access to derivative images, which allows remote attackers to read derivative images of otherwise restricted images via unspecified vectors.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | drupal7 | < 7.52-2+deb9u11 | drupal7_7.52-2+deb9u11_all.deb |
Related
ubuntucve
ubuntucve
CVE-2013-0246
2013-07-16 00:00:00
prion
prion
Design/Logic Flaw
2013-07-16 18:55:00
cve
cve
CVE-2013-0246
2013-07-16 18:55:00
drupal
drupal
SA-CORE-2013-001 - Drupal core - Multiple vulnerabilities
2013-01-16 00:00:00
nessus
nessus
Drupal 6.x < 6.28 / 7.x < 7.19 Multiple Vulnerabilities
2013-01-24 00:00:00
Drupal 7.x < 7.19 Multiple Vulnerabilities
2016-10-28 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
Related for DEBIANCVE:CVE-2013-0246