CVE-2005-3974

Опубликовано: 03 дек. 2005

Источник: ubuntu

Приоритет: untriaged

EPSS Низкий

CVSS2: 6.4

Описание

Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3, when running on PHP5, does not correctly enforce user privileges, which allows remote attackers to bypass the "access user profiles" permission.

Релиз	Статус	Примечание
dapper	not-affected
devel	DNE
edgy	not-affected
feisty	not-affected
upstream	needs-triage

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2005-3974

EPSS

Процентиль: 67%

0.00548

Низкий

6.4 Medium

CVSS2

Связанные уязвимости

CVE-2005-3974

nvd

больше 19 лет назад

Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3, when running on PHP5, does not correctly enforce user privileges, which allows remote attackers to bypass the "access user profiles" permission.

CVE-2005-3974

debian

больше 19 лет назад

Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3, when running on PH ...

GHSA-x3xc-9hqw-jqwj

github

больше 3 лет назад

Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3, when running on PHP5, does not correctly enforce user privileges, which allows remote attackers to bypass the "access user profiles" permission.

EPSS

Процентиль: 67%

0.00548

Низкий

6.4 Medium

CVSS2

CVE-2005-3974

Описание

Пакет drupal

Ссылки на источники

Связанные уязвимости