Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1588

Overview

Vulnerability Score 3.5 3.5
CVE Id CVE-2012-1588
Last Modified 12 Dec 2013 11:58:14
Published 30 Sep 2012 08:55:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2012-1588

Summary

Algorithmic complexity vulnerability in the _filter_url function in the text filtering system (modules/filter/filter.module) in Drupal 7.x before 7.14 allows remote authenticated users with certain roles to cause a denial of service (CPU consumption) via a long email address.

Vulnerable Systems

Application

  • Drupal 7.0

  • Drupal 7.1

  • Drupal 7.10

  • Drupal 7.11

  • Drupal 7.12

  • Drupal 7.13

  • Drupal 7.2

  • Drupal 7.3

  • Drupal 7.4

  • Drupal 7.5

  • Drupal 7.6

  • Drupal 7.7

  • Drupal 7.8

  • Drupal 7.9

  • Drupal 7.x-dev


References

CONFIRM - http://drupalcode.org/project/drupal.git/commit/db79496ae983447506f016a20738c3d7e5d059fa

CONFIRM - http://drupal.org/node/1558468

CONFIRM - http://drupal.org/node/1557938

CONFIRM - http://drupal.org/drupal-7.14

BID - 53368

SECUNIA - 49012

MANDRIVA - MDVSA-2013:074


Last Updated: 27 May 2016 11:00:49