CVE-2013-0246
EUVD-2013-027816.07.2013, 18:55
The Image module in Drupal 7.x before 7.19, when a private file system is used, does not properly restrict access to derivative images, which allows remote attackers to read derivative images of otherwise restricted images via unspecified vectors.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| drupal | drupal | 7.0 |
| drupal | drupal | 7.0:alpha1 |
| drupal | drupal | 7.0:alpha2 |
| drupal | drupal | 7.0:alpha3 |
| drupal | drupal | 7.0:alpha4 |
| drupal | drupal | 7.0:alpha5 |
| drupal | drupal | 7.0:alpha6 |
| drupal | drupal | 7.0:alpha7 |
| drupal | drupal | 7.0:beta1 |
| drupal | drupal | 7.0:beta2 |
| drupal | drupal | 7.0:beta3 |
| drupal | drupal | 7.0:dev |
| drupal | drupal | 7.0:rc1 |
| drupal | drupal | 7.0:rc2 |
| drupal | drupal | 7.0:rc3 |
| drupal | drupal | 7.0:rc4 |
| drupal | drupal | 7.1 |
| drupal | drupal | 7.2 |
| drupal | drupal | 7.3 |
| drupal | drupal | 7.4 |
| drupal | drupal | 7.5 |
| drupal | drupal | 7.6 |
| drupal | drupal | 7.7 |
| drupal | drupal | 7.8 |
| drupal | drupal | 7.9 |
| drupal | drupal | 7.10 |
| drupal | drupal | 7.11 |
| drupal | drupal | 7.12 |
| drupal | drupal | 7.13 |
| drupal | drupal | 7.14 |
| drupal | drupal | 7.15 |
| drupal | drupal | 7.16 |
| drupal | drupal | 7.17 |
| drupal | drupal | 7.18 |
| drupal | drupal | 7.x-dev:x |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| drupal6 |
| ||||||||||||||||||||||||||||
| drupal7 |
|
Common Weakness Enumeration
References