Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4470

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2012-4470
Last Modified 29 Jan 2013 11:54:56
Published 30 Nov 2012 05:55:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-4470

Summary

The Listhandler module 6.x-1.x before 6.x-1.1 for Drupal does not properly check permissions when importing emails, which allows remote comment authors to bypass access restrictions and possibly have other unspecified impact.

Vulnerable Systems

Application

  • Philip Ludlam Listhandler 6.x-1.0


References

MLIST - [oss-security] 20121003 Re: CVE Request for Drupal Contributed Modules

CONFIRM - http://drupal.org/node/1819780

MISC - http://drupal.org/node/1679412

BID - 54376


Last Updated: 27 May 2016 10:49:52