CVE-2012-1588

Sažetak

Algorithmic complexity vulnerability in the _filter_url function in the text filtering system (modules/filter/filter.module) in Drupal 7.x before 7.14 allows remote authenticated users with certain roles to cause a denial of service (CPU consumption) via a long email address.

Reference

http://drupal.org/drupal-7.14
http://drupal.org/node/1557938
http://drupal.org/node/1558468
http://drupalcode.org/project/drupal.git/commit/db79496ae983447506f016a20738c3d7e5d059fa
http://secunia.com/advisories/49012
http://www.mandriva.com/security/advisories?name=MDVSA-2013:074
http://www.securityfocus.com/bid/53368

CVSS

Base:	3.5
Impact:	2.9
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:M/Au:S/C:N/I:N/A:P

Zadnje važnije ažuriranje

13-12-2013 - 04:58

Objavljeno

01-10-2012 - 00:55