Lucene search
Ubuntu.comUB:CVE-2013-6385HistoryDec 07, 2013 - 12:00 a.m.
CVE-2013-6385
2013-12-0700:00:00
ubuntu.com
ubuntu.com
13
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.056 Low
EPSS
Percentile
93.2%
The form API in Drupal 6.x before 6.29 and 7.x before 7.24, when used with
unspecified third-party modules, performs form validation even when CSRF
validation has failed, which might allow remote attackers to trigger
application-specific impacts such as arbitrary code execution via
application-specific vectors.
Related
prion
prion
Input validation
2013-12-07 21:55:00
debiancve
debiancve
CVE-2013-6385
2013-12-07 21:55:00
cve
cve
CVE-2013-6385
2013-12-07 21:55:00
nessus
nessus
Drupal 6.x < 6.29 Multiple Vulnerabilities
2013-11-30 00:00:00
Debian DSA-2828-1 : drupal6 - several vulnerabilities
2013-12-30 00:00:00
Debian DSA-2804-1 : drupal7 - several vulnerabilities
2013-11-27 00:00:00
debian
debian
[SECURITY] [DSA 2828-1] drupal6 security update
2013-12-28 10:23:54
[SECURITY] [DSA 2828-1] drupal6 security update
2013-12-28 10:24:11
[SECURITY] [DSA 2804-1] drupal7 security update
2013-11-26 16:50:30
openvas
openvas
Debian Security Advisory DSA 2828-1 (drupal6 - several vulnerabilities)
2013-12-28 00:00:00
Debian: Security Advisory (DSA-2828-1)
2013-12-27 00:00:00
Fedora Update for drupal7 FEDORA-2013-21844
2013-12-03 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: drupal7-7.24-1.fc20
2013-12-14 03:03:56
[SECURITY] Fedora 20 Update: drupal6-6.29-1.fc20
2013-12-14 03:31:43
[SECURITY] Fedora 19 Update: drupal6-6.29-1.fc19
2013-12-12 02:55:40
drupal
drupal
SA-CORE-2013-003 - Drupal core - Multiple vulnerabilities
2013-11-20 00:00:00
mageia
mageia
Updated drupal package fixes security vulnerabilities
2013-12-01 01:35:13
securityvulns
securityvulns
[ MDVSA-2013:287 ] drupal
2013-12-09 00:00:00
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.056 Low
EPSS
Percentile
93.2%
Related for UB:CVE-2013-6385