Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2016-3171HistoryApr 12, 2016 - 3:59 p.m.
CVE-2016-3171
2016-04-1215:59:00
Debian Security Bug Tracker
security-tracker.debian.org
10
EPSS
0.043
Percentile
92.3%
Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before 5.5.29, or 5.6.x before 5.6.13, might allow remote attackers to execute arbitrary code via vectors related to session data truncation.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | drupal7 | < 7.52-2+deb9u11 | drupal7_7.52-2+deb9u11_all.deb |
Related
github
github
Drupal arbitrary code execution
2022-05-17 03:55:47
prion
prion
Code injection
2016-04-12 15:59:00
friendsofphp
friendsofphp
Session data truncation can lead to unserialization of user provided data
2016-02-15 18:57:00
Session data truncation can lead to unserialization of user provided data
2016-02-15 18:57:00
nvd
nvd
CVE-2016-3171
2016-04-12 15:59:08
cve
cve
CVE-2016-3171
2016-04-12 15:59:08
osv
osv
Drupal arbitrary code execution
2022-05-17 03:55:47
ubuntucve
ubuntucve
CVE-2016-3171
2016-04-12 00:00:00
cvelist
cvelist
CVE-2016-3171
2016-04-12 15:00:00
openvas
openvas
Drupal 6.x < 6.38 Multiple Vulnerabilities (SA-CORE-2016-001) - Windows
2016-05-18 00:00:00
Drupal 6.x < 6.38 Multiple Vulnerabilities (SA-CORE-2016-001) - Linux
2016-05-18 00:00:00
drupal
drupal
Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2016-001
2016-02-24 00:00:00