NVD

Id
43084  
Name
CVE-2012-1056  
Description
The Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 for Drupal does not properly enforce permissions for (1) Recent forwards, (2) Most forwarded, or (3) Dynamic blocks, which allows remote attackers to obtain node titles via unspecified vectors.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-19  
Published
2012-02-13  
Modified Date
2012-02-14  
Seq
2012-1056  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
216780 43084 CVE-2012-1056 http://drupal.org/node/1423722  View
216781 43084 CVE-2012-1056 http://drupal.org/node/1425150  View
216782 43084 CVE-2012-1056 51826  View
216783 43084 CVE-2012-1056 drupal-multiple-blocks-security-bypass(72920)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
25699 JVNDB-2012-001406 Drupal 用 Forward モジュールにおけるノードタイトルを取得される脆弱性 Drupal 用 Forward モジュールは、(1) Recent forwards、(2) Most forwarded、または (3) Dynamic blocks へのパーミッションを適切に処理しないため、ノードタイトルを取得される脆弱性が存在します。 CVE-2012-1056 54294 CVE-2012-1056 43084 5 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001406.html 2012-02-14 2012-02-15 View