Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1643

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-1643
Last Modified 29 Aug 2012 12:00:00
Published 28 Aug 2012 01:55:03
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-1643

Summary

The Faster Permissions module 7.x-2.x before 7.x-1.2 for Drupal does not check the "administer permissions" permission, which allows remote attackers to modify access permissions via unspecified vectors.

Vulnerable Systems

Application

  • Jason Savino Fp 7.x-1.0

  • Jason Savino Fp 7.x-1.1


References

MISC - https://drupal.org/node/1441448

OSVDB - 79316

MLIST - [oss-security] 20120406 CVE's for Drupal Contrib 2012 001 through 057 (67 new CVE assignments)

SECUNIA - 48019

CONFIRM - http://drupalcode.org/project/fp.git/commitdiff/39e7587

CONFIRM - http://drupal.org/node/1441556


Last Updated: 27 May 2016 11:00:22