Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE request for Drupal core, and contributed modules
From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 19 Dec 2012 21:16:11 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/19/2012 02:28 PM, Forest Monsen wrote:
Hello! I'd like to request CVE identifiers for several issues with 
core and contributed modules:

SA-CORE-2012-166: Multiple vulnerabilities 
http://drupal.org/SA-CORE-2012-004 (Looks like three identifiers
necessary here?)

Access bypass (User module search - Drupal 6 and 7)
Please use CVE-2012-5651 for this issue.

Access bypass (Upload module - Drupal 6)
Please use CVE-2012-5652 for this issue.

Arbitrary PHP code execution (File upload modules - Drupal 6 and 7)
Please use CVE-2012-5653 for this issue.

SA-CONTRIB-2012-173 - Nodewords: Information disclosure 
http://drupal.org/node/1859282

Please use CVE-2012-5654 for this issue.

SA-CONTRIB-2012-174 - Context - Information Disclosure 
http://drupal.org/node/1870550

Please use CVE-2012-5655 for this issue.

Thanks, Forest


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJQ0pEKAAoJEBYNRVNeJnmT3m8P/AtLcWrUckVnBEoARQfphuqE
dV5FlHBOyX+vrmapMl/4LgqSnSdjG4LCiCwyJ/meZlGF1dkuSutRAZq/gVp6lEY9
y6upxe/UnMZjroTeS9bUE/SqIM0IG/gqisW59BrHOgaIsERMowoDhLVp0mAcML5R
IxrPQWLACceoEtVbEcKndh5slp8uOnyYOv1MTRuST66OB0rln+RlHwb77guR30Fu
lkk98to73WLs8tSGrKXUaBt9XlpXgPgvHsFRs5TCkftBmoc8QMeZPWYEZz2RSnar
98zPexrZ4ijdA9raBnanBEbQsdmITV/uOc1+P6f0wfZ1VtuICktolBytJiOY+Lxx
zSq+EJkr/lqF/BEhGjrBvYH9gDGy1BeBgBiVWMIUfdH2q6jUQUbnqfWW+wR9csG3
6LM1exHklb0/ahIBTqmIOrNpLbkGqPO21daDinehEg/45b0BANbNSP7nwxZZpHfT
1VajmwDAcApdO/VRD2AKReylNhungmG1Fc7lakJPH9b3/P8ZVF5K1pdhmjzOJNwg
nKTZI7GRlKckqETd8Iy/5t+raKPQTvGu+kJwAouObHx1Mkn6b7bpVqWgVlu8R08j
rGAkmmvBrY78k7szzpOiJ7OoGmB5wb44X122yLUSX2UP7j6dZZVeiCVBhz5odWZI
zKZpPsD6mdLYojwkUeMj
=hfqG
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault