Lucene search
Ubuntu.comUB:CVE-2005-3974HistoryDec 03, 2005 - 12:00 a.m.
CVE-2005-3974
2005-12-0300:00:00
ubuntu.com
ubuntu.com
10
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.005 Low
EPSS
Percentile
75.3%
Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3, when running on PHP5,
does not correctly enforce user privileges, which allows remote attackers
to bypass the “access user profiles” permission.
Related
cvelist
cvelist
CVE-2005-3974
2005-12-03 19:00:00
nvd
nvd
CVE-2005-3974
2005-12-03 19:03:00
cve
cve
CVE-2005-3974
2005-12-03 19:03:00
debian
debian
[SECURITY] [DSA 958-1] New drupal packages fix several vulnerabilities
2006-01-27 10:01:55
[SECURITY] [DSA 958-1] New drupal packages fix several vulnerabilities
2006-01-27 10:01:55
openvas
openvas
FreeBSD Ports: drupal
2008-09-04 00:00:00
Debian Security Advisory DSA 958-1 (drupal)
2008-01-17 00:00:00
FreeBSD Ports: drupal
2008-09-04 00:00:00
osv
osv
drupal - several
2006-01-27 00:00:00
nessus
nessus
Debian DSA-958-1 : drupal - several vulnerabilities
2006-10-14 00:00:00
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.005 Low
EPSS
Percentile
75.3%
Related for UB:CVE-2005-3974