Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2010-5277

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2010-5277
Last Modified 08 Oct 2012 05:25:53
Published 07 Oct 2012 04:55:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2010-5277

Summary

Unspecified vulnerability in the Views Bulk Operations module 6 before 6.x-1.10 for Drupal allows remote authenticated users with user management permissions to bypass intended access restrictions and delete anonymous users (user 0) via unspecified vectors.

Vulnerable Systems

Application

  • Karim Ratib Views Bulk Operations 6.x-1.0

  • Karim Ratib Views Bulk Operations 6.x-1.1

  • Karim Ratib Views Bulk Operations 6.x-1.2

  • Karim Ratib Views Bulk Operations 6.x-1.3

  • Karim Ratib Views Bulk Operations 6.x-1.4

  • Karim Ratib Views Bulk Operations 6.x-1.5

  • Karim Ratib Views Bulk Operations 6.x-1.6

  • Karim Ratib Views Bulk Operations 6.x-1.7

  • Karim Ratib Views Bulk Operations 6.x-1.8

  • Karim Ratib Views Bulk Operations 6.x-1.9


References

XF - viewsbulk-drupal-unspec-security-bypass(62316)

BID - 43813

SECUNIA - 41696

MISC - http://drupal.org/node/933960

CONFIRM - http://drupal.org/node/933596


Last Updated: 27 May 2016 11:00:52