CVE-2009-2237

EUVD-2009-2233
Unspecified vulnerability in Views Bulk Operations 5.x-1.x before 5.x-1.4 and 6.x-1.x before 6.x-1.7, a module for Drupal, allows remote attackers to bypass intended access restrictions and modify "nodes or classes of nodes" via unknown vectors, probably related to registered procedures (aka actions).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
Affected Products (NVD)
VendorProductVersion
karim_ratibviews_bulk_operations
5.x-1.0:x
karim_ratibviews_bulk_operations
5.x-1.1:x
karim_ratibviews_bulk_operations
5.x-1.2:x
karim_ratibviews_bulk_operations
5.x-1.3:x
karim_ratibviews_bulk_operations
6.x-1.0:x
karim_ratibviews_bulk_operations
6.x-1.1:x
karim_ratibviews_bulk_operations
6.x-1.2:x
karim_ratibviews_bulk_operations
6.x-1.3:x
karim_ratibviews_bulk_operations
6.x-1.4:x
𝑥
= Vulnerable software versions
References
http://drupal.org/node/468450
http://secunia.com/advisories/35117
http://www.securityfocus.com/bid/35051
https://exchange.xforce.ibmcloud.com/vulnerabilities/50659
http://drupal.org/node/468450
http://secunia.com/advisories/35117
http://www.securityfocus.com/bid/35051
https://exchange.xforce.ibmcloud.com/vulnerabilities/50659