Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0275

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-0275
Last Modified 05 Sep 2008 05:34:39
Published 15 Jan 2008 03:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0275

Summary

The Atom 4.7 before 4.7.x-1.0 and 5.x before 5.x-1.0 module for Drupal does not properly manage permissions for node (1) titles, (2) teasers, and (3) bodies, which might allow remote attackers to gain access to syndicated content.

Vulnerable Systems

Application

  • Drupal Atom Module 4.7

  • Drupal Atom Module 5.0


References

XF - drupal-atom-security-bypass(39607)

CONFIRM - http://drupal.org/node/208527


Last Updated: 27 May 2016 10:46:44