CVE-2012-1056

{"id": "CVE-2012-1056", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-02-14T00:55:00.740", "references": [{"url": "http://drupal.org/node/1423722", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://drupal.org/node/1425150", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://osvdb.org/78817", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/47851", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/51826", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72920", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "The Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 for Drupal does not properly enforce permissions for (1) Recent forwards, (2) Most forwarded, or (3) Dynamic blocks, which allows remote attackers to obtain node titles via unspecified vectors."}, {"lang": "es", "value": "El m\u00f3dulo Forward v6.x-1.x anterior a v6.x-1.21 y v7.x-1.x anterior a v7.x-1.3 para Drupal no aplica correctamente los permisos para (1) reenv\u00edos 'Recent' (2) enviado 'Most', o (3) bloques 'Dynamic', lo que permite a atacantes remotos obtener t\u00edtulos de nodos a trav\u00e9s de vectores no especificados."}], "lastModified": "2017-08-29T01:31:10.820", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "591EF0E9-CCA3-4996-AB5B-5E9C3B4D4571"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A3EE2BE-49DC-4573-AB55-3D0E80F2F70D"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "310173CA-5639-4270-9134-A18EB3DD551D"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "533B6B8A-BE5E-4D19-AA1A-2B5C887C5BEE"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B2B21E2-17B5-45EB-8A4F-FCC63EF0668C"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C049D3E3-D4EA-4AE3-BED2-A63F3EEDA7F0"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BC8677D-28BD-42C8-A469-0070FD141BDF"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D0307CD-9507-4FA2-8294-642688287717"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B6D66470-7133-4380-AC55-EE15C51F72D3"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "000C51E5-4CE6-4839-BA93-4FFDD2EDCEDB"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3989A71-9188-4FCF-828B-04DE4ABA1FFA"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3A004DD-9852-4594-AAED-6A837971B606"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "639D6DD6-166D-453E-82BD-9015D4A8B9A6"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ECBB54D3-94AF-4D47-853A-9E047950D84C"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "215024FE-1D6C-4220-A34D-3CB3E356C917"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54594F8E-8B3F-40B8-89A3-D974CB39CC65"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "825510E4-F63E-4E2C-BAF2-20A59ECA2EF3"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFCBEB31-6E98-4BBE-878A-441F5BCAEAC2"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31E3EB43-5550-4A59-B941-450934EAC037"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2AC1DAAB-7B6F-4CA1-A37B-7EC749E56BA4"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1228050-F0DE-4493-A976-4EFC12E4A05B"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:6.x-1.x-dev:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC598C74-9D35-43EA-A74E-77605C4CEA9A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "799CA80B-F3FA-4183-A791-2071A7DA1E54"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sean_robertson:forward:7.x-1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63E6DB82-17BC-4F6B-AAF0-40054563E6A0"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:7.x-1.0:alpha1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39F9DB1E-AA37-49AE-80BD-DA0F0BE242DF"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:7.x-1.0:alpha2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FAAB6A6-4844-41AA-AB5E-0DC94FCE43BF"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:7.x-1.0:alpha3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CBCB70F-ED6D-489F-8AE7-EA96CDA4DEA1"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:7.x-1.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39881745-9EF8-44E7-8EBC-D99D7600D6F3"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:7.x-1.0:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A662BB80-197A-4A5B-B25F-1FBBC01AAF4D"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:7.x-1.0:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD9CED5B-9A11-497C-B426-EBAF9BB30466"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:7.x-1.0:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "925866B3-0DF1-4B0B-8086-B7A72D317DBC"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:7.x-1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A430208-187A-4BD7-BE60-4AC7819322F3"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:7.x-1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8E02D86-E313-407D-8951-89E10AE6B6EA"}, {"criteria": "cpe:2.3:a:sean_robertson:forward:7.x-1.x-dev:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66A7EE37-458E-4150-A779-92F58079B23A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "799CA80B-F3FA-4183-A791-2071A7DA1E54"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}