CVE-2005-3974

Опубликовано: 03 дек. 2005

Источник: debian

EPSS Низкий

Описание

Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3, when running on PHP5, does not correctly enforce user privileges, which allows remote attackers to bypass the "access user profiles" permission.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
drupal	fixed	4.5.6-1		package

EPSS

Процентиль: 67%

0.00548

Низкий

Связанные уязвимости

CVE-2005-3974

ubuntu

больше 19 лет назад

Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3, when running on PHP5, does not correctly enforce user privileges, which allows remote attackers to bypass the "access user profiles" permission.

CVE-2005-3974

nvd

больше 19 лет назад

Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3, when running on PHP5, does not correctly enforce user privileges, which allows remote attackers to bypass the "access user profiles" permission.

GHSA-x3xc-9hqw-jqwj

github

около 3 лет назад

Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3, when running on PHP5, does not correctly enforce user privileges, which allows remote attackers to bypass the "access user profiles" permission.

EPSS

Процентиль: 67%

0.00548

Низкий