Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0226

Overview

Vulnerability Score 6.0 6.0
CVE Id CVE-2013-0226
Last Modified 21 Mar 2013 10:45:15
Published 19 Mar 2013 10:55:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2013-0226

Summary

The Keyboard Shortcut Utility module 7.x-1.x before 7.x-1.1 for Drupal does not properly check node restrictions, which allows (1) remote authenticated users with the "view shortcuts" permission to read nodes or (2) remote authenticated users with the "admin shortcuts" permission to read, edit, or delete nodes via unspecified vectors.

Vulnerable Systems

Application

  • Zugec Ivan Keyboard Shortcut Utility 7.x-1.0


References

CONFIRM - https://drupal.org/node/1896752

MLIST - [oss-security] 20130124 Re: CVE request for Drupal contributed modules


Last Updated: 27 May 2016 11:02:05