mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
83 lines
2.3 KiB
JSON
83 lines
2.3 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "cve@mitre.org",
|
|
"ID" : "CVE-2012-5586",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "n/a",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "The Services module 6.x-3.x before 6.x-3.3 and 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the \"access user profiles\" permission to access arbitrary users' emails via vectors related to the \"user index method\" and \"the path to the user resource.\""
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"name" : "[oss-security] 20121128 Re: CVE request for Drupal contributed modules",
|
|
"refsource" : "MLIST",
|
|
"url" : "http://www.openwall.com/lists/oss-security/2012/11/29/2"
|
|
},
|
|
{
|
|
"name" : "http://drupal.org/node/1853200",
|
|
"refsource" : "MISC",
|
|
"url" : "http://drupal.org/node/1853200"
|
|
},
|
|
{
|
|
"name" : "http://drupal.org/node/1842022",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://drupal.org/node/1842022"
|
|
},
|
|
{
|
|
"name" : "http://drupal.org/node/1842026",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://drupal.org/node/1842026"
|
|
},
|
|
{
|
|
"name" : "56723",
|
|
"refsource" : "BID",
|
|
"url" : "http://www.securityfocus.com/bid/56723"
|
|
}
|
|
]
|
|
}
|
|
}
|