← voltar
CVE-2012-0825

CVE-2012-0825

EPSS 2.0%
Drupal 6.x before 6.23 and 7.x before 7.11 does not verify that Attribute Exchange (AX) information is signed, which allows remote attackers to modify potentially sensitive AX information without detection via a man-in-the-middle (MITM) attack.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://openid.net/2011/05/05/attribute-exchange-security-alert/https://drupal.org/node/1425084http://www.debian.org/security/2013/dsa-2776