Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4482

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-4482
Last Modified 02 Nov 2012 12:00:00
Published 31 Oct 2012 12:55:02
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-4482

Summary

The Ubercart SecureTrading Payment Method module 6.x for Drupal does not properly verify payment notification information, which allows remote attackers to purchase an item without paying via unspecified vectors.

Vulnerable Systems

Application

  • Longwaveconsulting Ubercart Securetrading Payment Method Module 6.x-1.0


References

MLIST - [oss-security] 20121007 Re: CVE Request for Drupal Contributed Modules

MLIST - [oss-security] 20121004 CVE Request for Drupal Contributed Modules

MISC - http://drupal.org/node/1679820


Last Updated: 27 May 2016 10:53:42