PRIOn knowledge basePRION:CVE-2012-5652

HistoryJan 03, 2013 - 1:55 a.m.

Design/Logic Flaw

2013-01-0301:55:00

PRIOn knowledge base

www.prio-n.com

6.4 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.007 Low

EPSS

Percentile

79.2%

JSON

Drupal 6.x before 6.27 allows remote attackers to obtain sensitive information about uploaded files via a (1) RSS feed or (2) search result.

CPENameOperatorVersion
drupaleq6.0 beta2
drupaleq6.0 rc2
drupaleq6.2
drupaleq6.14
drupaleq6.24
drupaleq6.13
drupaleq6.0 dev
drupaleq6.25
drupaleq6.18
drupaleq6.0 beta4

Name	Operator	Version
drupal	eq	6.0 beta2
drupal	eq	6.0 rc2
drupal	eq	6.2
drupal	eq	6.14
drupal	eq	6.24
drupal	eq	6.13
drupal	eq	6.0 dev
drupal	eq	6.25
drupal	eq	6.18
drupal	eq	6.0 beta4

Rows per page:

1-10 of 361

References

drupalcode.org/project/drupal.git/commitdiff/da8023a

osvdb.org/88527

secunia.com/advisories/51517

www.debian.org/security/2013/dsa-2776

www.openwall.com/lists/oss-security/2012/12/20/1

www.securityfocus.com/bid/56993

drupal.org/SA-CORE-2012-004

exchange.xforce.ibmcloud.com/vulnerabilities/80794

6.4 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.007 Low

EPSS

Percentile

79.2%

JSON

Related for PRION:CVE-2012-5652