Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-4504

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2013-4504
Last Modified 14 May 2014 12:57:04
Published 13 May 2014 11:55:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2013-4504

Summary

The Monster Menus module 7.x-1.x before 7.x-1.15 allows remote attackers to read arbitrary node comments via a crafted URL.

Vulnerable Systems

Application

  • Monster Menus Module Project Monster Menus 7.x-1.0

  • Monster Menus Module Project Monster Menus 7.x-1.1

  • Monster Menus Module Project Monster Menus 7.x-1.10

  • Monster Menus Module Project Monster Menus 7.x-1.11

  • Monster Menus Module Project Monster Menus 7.x-1.12

  • Monster Menus Module Project Monster Menus 7.x-1.13

  • Monster Menus Module Project Monster Menus 7.x-1.14

  • Monster Menus Module Project Monster Menus 7.x-1.2

  • Monster Menus Module Project Monster Menus 7.x-1.3

  • Monster Menus Module Project Monster Menus 7.x-1.4

  • Monster Menus Module Project Monster Menus 7.x-1.5

  • Monster Menus Module Project Monster Menus 7.x-1.6

  • Monster Menus Module Project Monster Menus 7.x-1.7

  • Monster Menus Module Project Monster Menus 7.x-1.8

  • Monster Menus Module Project Monster Menus 7.x-1.9

  • Monster Menus Module Project Monster Menus 7.x-1.x


References

MISC - https://drupal.org/node/2124289

CONFIRM - https://drupal.org/node/2123287

MLIST - [oss-security] 20131103 Re: CVE request for Drupal contributed modules


Last Updated: 27 May 2016 11:05:13