6 matches found
EUVD-2012-4399
Malware in sbrugna...
Design/Logic Flaw
The Listhandler module 6.x-1.x before 6.x-1.1 for Drupal does not properly check permissions when importing emails, which allows remote comment authors to bypass access restrictions and possibly have other unspecified impact...
CVE-2012-4470
The Listhandler module 6.x-1.x before 6.x-1.1 for Drupal does not properly check permissions when importing emails, which allows remote comment authors to bypass access restrictions and possibly have other unspecified impact...
CVE-2012-4470
The Listhandler module 6.x-1.x before 6.x-1.1 for Drupal does not properly check permissions when importing emails, which allows remote comment authors to bypass access restrictions and possibly have other unspecified impact...
CVE-2012-4470
The vulnerability CVE-2012-4470 affects the Listhandler module for Drupal (versions 6.x-1.x prior to 6.x-1.1). The root cause is an improper permissions check when importing emails, allowing remote comment authors to bypass access restrictions. This could enable unintended access or other unspeci...
SA-CONTRIB-2012-106 - Listhandler - Access Bypass
Listhandler is a module that marries mailing list discussions and Drupal forums. The module doesn't sufficiently check the permissions of comment authors when importing emails. CVE: CVE-2012-4470 Versions affected All Listhandler 6.x-1.x versions. Drupal core is not affected. If you do not use th...