Description

The File module in Drupal 7.x before 7.11, when using unspecified field access modules, allows remote authenticated users to read arbitrary private files that are associated with restricted fields via unspecified vectors.

Remediation

References

CVE-2012-0827

Related Vulnerabilities

Oracle JRE CVE-2019-2958 Vulnerability (CVE-2019-2958)

Drupal Other Vulnerability (CVE-2006-4002)

WordPress Plugin AdRoll for WooCommerce Stores Unspecified Vulnerability (2.2.5)

Joomla! Core 3.x.x SQL Injection (3.2.0 - 3.4.4)

WordPress Plugin jcwp youtube channel embed Cross-Site Scripting (1.5.2)

Severity

Low

Classification

CVE-2012-0827 CWE-264

Tags

Missing Update Known Vulnerabilities