Lucene search
HistoryMar 27, 2013 - 9:55 p.m.
CVE-2013-0316
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.4
Confidence
High
EPSS
0.002
Percentile
61.7%
The Image module in Drupal 7.x before 7.20 allows remote attackers to cause a denial of service (CPU and disk space consumption) via a large number of new derivative requests.
Affected configurations
Node
drupaldrupalMatch7.0
ORdrupaldrupalMatch7.0alpha1
ORdrupaldrupalMatch7.0alpha2
ORdrupaldrupalMatch7.0alpha3
ORdrupaldrupalMatch7.0alpha4
ORdrupaldrupalMatch7.0alpha5
ORdrupaldrupalMatch7.0alpha6
ORdrupaldrupalMatch7.0alpha7
ORdrupaldrupalMatch7.0beta1
ORdrupaldrupalMatch7.0beta2
ORdrupaldrupalMatch7.0beta3
ORdrupaldrupalMatch7.0dev
ORdrupaldrupalMatch7.0rc1
ORdrupaldrupalMatch7.0rc2
ORdrupaldrupalMatch7.0rc3
ORdrupaldrupalMatch7.0rc4
ORdrupaldrupalMatch7.1
ORdrupaldrupalMatch7.2
ORdrupaldrupalMatch7.3
ORdrupaldrupalMatch7.4
ORdrupaldrupalMatch7.5
ORdrupaldrupalMatch7.6
ORdrupaldrupalMatch7.7
ORdrupaldrupalMatch7.8
ORdrupaldrupalMatch7.9
ORdrupaldrupalMatch7.10
ORdrupaldrupalMatch7.11
ORdrupaldrupalMatch7.12
ORdrupaldrupalMatch7.13
ORdrupaldrupalMatch7.14
ORdrupaldrupalMatch7.15
ORdrupaldrupalMatch7.16
ORdrupaldrupalMatch7.17
ORdrupaldrupalMatch7.18
ORdrupaldrupalMatch7.19
ORdrupaldrupalMatch7.x-dev
| Vendor | Product | Version | CPE |
|---|---|---|---|
| drupal | drupal | 7.0 | cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:* |
| drupal | drupal | 7.0 | cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:* |
| drupal | drupal | 7.0 | cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:* |
| drupal | drupal | 7.0 | cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:* |
| drupal | drupal | 7.0 | cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:* |
| drupal | drupal | 7.0 | cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:* |
| drupal | drupal | 7.0 | cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:* |
| drupal | drupal | 7.0 | cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:* |
| drupal | drupal | 7.0 | cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:* |
| drupal | drupal | 7.0 | cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:* |
Related
nessus
nessus
Drupal 7.x < 7.20 On-Demand Image Derivative Generation Handling Resource Exhaustion DoS
2013-03-04 00:00:00
Mandriva Linux Security Advisory : drupal (MDVSA-2013:287-1)
2013-11-27 00:00:00
cvelist
cvelist
CVE-2013-0316
2013-03-27 21:00:00
ubuntucve
ubuntucve
CVE-2013-0316
2013-03-27 00:00:00
debiancve
debiancve
CVE-2013-0316
2013-03-27 21:55:00
prion
prion
Code injection
2013-03-27 21:55:00
cve
cve
CVE-2013-0316
2013-03-27 21:55:02
drupal
drupal
SA-CORE-2013-002 - Drupal core - Denial of service
2013-02-20 00:00:00
freebsd
freebsd
drupal7 -- Denial of service
2013-02-20 00:00:00
securityvulns
securityvulns
[ MDVSA-2013:287 ] drupal
2013-12-09 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.4
Confidence
High
EPSS
0.002
Percentile
61.7%
Related for NVD:CVE-2013-0316