Vulnerability CVE-2007-3689
Published: 2007-07-11   Modified: 2012-02-12

Description:
The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments.

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
None
None
Affected software
Drupal -> Print module 

 References:
http://drupal.org/node/158032
http://drupal.org/node/158029
http://drupal.org/node/152804
http://www.vupen.com/english/advisories/2007/2470
http://osvdb.org/37897
http://xforce.iss.net/xforce/xfdb/35314
http://www.securityfocus.com/bid/24862
http://secunia.com/advisories/25978
Copyright 2024, cxsecurity.com

 

Back to Top