NVD

Id
43920  
Name
CVE-2012-2067  
Description
Unspecified vulnerability in the CKeditor module 6.x-2.x before 6.x-2.3 and the CKEditor module 6.x-1.x before 6.x-1.9 and 7.x-1.x before 7.x-1.7 for Drupal, when the core PHP module is enabled, allows remote authenticated users or remote attackers to execute arbitrary PHP code via the text parameter to a text filter. NOTE: some of these details are obtained from third party information.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2012-09-04  
Modified Date
2012-09-05  
Seq
2012-2067  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
220570 43920 CVE-2012-2067 http://drupal.org/node/1482442  View
220571 43920 CVE-2012-2067 http://drupal.org/node/1482466  View
220572 43920 CVE-2012-2067 http://drupal.org/node/1482480  View
220573 43920 CVE-2012-2067 http://drupal.org/node/1482528  View
220574 43920 CVE-2012-2067 [oss-security] 20120406 CVE"s for Drupal Contrib 2012 001 through 057 (67 new CVE assignments)  View
220575 43920 CVE-2012-2067 ckeditor-drupal-code-execution(74037)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
28377 JVNDB-2012-004084 Drupal 用 FCKeditor および CKEditor モジュールにおける任意の PHP コードを実行される脆弱性 Drupal 用 FCKeditor および CKEditor モジュールには、PHP のコアモジュールが有効な場合、任意の PHP コードを実行される脆弱性が存在します。 CVE-2012-2067 55305 CVE-2012-2067 43920 6.8 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004084.html 2012-03-14 2012-09-06 View