Описание
The image module in Drupal 7.x before 7.14 does not properly check permissions when caching derivative image styles of private images, which allows remote attackers to read private image styles.
The image module in Drupal 7.x before 7.14 does not properly check permissions when caching derivative image styles of private images, which allows remote attackers to read private image styles.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2012-1591
- http://drupal.org/drupal-7.14
- http://drupal.org/node/1507988
- http://drupal.org/node/1557938
- http://drupalcode.org/project/drupal.git/commit/3bf6761ff7537dc68e22ea73f155134f3cfd41a8
- http://secunia.com/advisories/49012
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:074
- http://www.securityfocus.com/bid/53359
EPSS
CVE ID
Связанные уязвимости
The image module in Drupal 7.x before 7.14 does not properly check permissions when caching derivative image styles of private images, which allows remote attackers to read private image styles.
The image module in Drupal 7.x before 7.14 does not properly check permissions when caching derivative image styles of private images, which allows remote attackers to read private image styles.
The image module in Drupal 7.x before 7.14 does not properly check per ...
EPSS