4.3 - CVE-2012-6645

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Informations
Name	CVE-2012-6645	First vendor Publication	2014-04-08
Vendor	Cve	Last vendor Modification	2017-08-29

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Cvss Base Score	4.3	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Cross-site scripting (XSS) vulnerability in the autocomplete functionality in the Finder module 6.x-1.x before 6.x-1.26, 7.x-1.x, and 7.x-2.x before 7.x-2.0-alpha8 for Drupal allows remote attackers to inject arbitrary web script or HTML via the title of a node, a different vulnerability than CVE-2012-1561.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6645

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-79	Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

Type	Description	Count
Application	Danielb Finder cpe:2.3:a:danielb:finder:7.x-2.x:dev:::::: cpe:2.3:a:danielb:finder:7.x-2.0:alpha5:::::: cpe:2.3:a:danielb:finder:7.x-2.0:alpha4:::::: cpe:2.3:a:danielb:finder:7.x-2.0:alpha2:::::: cpe:2.3:a:danielb:finder:7.x-2.0:alpha3:::::: cpe:2.3:a:danielb:finder:7.x-2.0:alpha6:::::: cpe:2.3:a:danielb:finder:7.x-2.0:alpha1:::::: cpe:2.3:a:danielb:finder:7.x-1.x:dev:::::: cpe:2.3:a:danielb:finder:7.x-1.6:::::::* cpe:2.3:a:danielb:finder:7.x-1.5:::::::* cpe:2.3:a:danielb:finder:7.x-1.4:::::::* cpe:2.3:a:danielb:finder:7.x-1.3:::::::* cpe:2.3:a:danielb:finder:7.x-1.2:::::::* cpe:2.3:a:danielb:finder:7.x-1.1:::::::* cpe:2.3:a:danielb:finder:7.x-1.0:::::::* cpe:2.3:a:danielb:finder:6.x-1.x-dev:::::::* cpe:2.3:a:danielb:finder:6.x-1.9:::::::* cpe:2.3:a:danielb:finder:6.x-1.8:::::::* cpe:2.3:a:danielb:finder:6.x-1.7:::::::* cpe:2.3:a:danielb:finder:6.x-1.6:::::::* cpe:2.3:a:danielb:finder:6.x-1.5:::::::* cpe:2.3:a:danielb:finder:6.x-1.4:::::::* cpe:2.3:a:danielb:finder:6.x-1.3:::::::* cpe:2.3:a:danielb:finder:6.x-1.25:::::::* cpe:2.3:a:danielb:finder:6.x-1.24:::::::* cpe:2.3:a:danielb:finder:6.x-1.23:::::::* cpe:2.3:a:danielb:finder:6.x-1.21:::::::* cpe:2.3:a:danielb:finder:6.x-1.20:::::::* cpe:2.3:a:danielb:finder:6.x-1.2:::::::* cpe:2.3:a:danielb:finder:6.x-1.19:::::::* cpe:2.3:a:danielb:finder:6.x-1.18:::::::* cpe:2.3:a:danielb:finder:6.x-1.17:::::::* cpe:2.3:a:danielb:finder:6.x-1.16:::::::* cpe:2.3:a:danielb:finder:6.x-1.15:::::::* cpe:2.3:a:danielb:finder:6.x-1.14:::::::* cpe:2.3:a:danielb:finder:6.x-1.13:::::::* cpe:2.3:a:danielb:finder:6.x-1.12:::::::* cpe:2.3:a:danielb:finder:6.x-1.11:::::::* cpe:2.3:a:danielb:finder:6.x-1.10:::::::* cpe:2.3:a:danielb:finder:6.x-1.1:::::::* cpe:2.3:a:danielb:finder:6.x-1.0:alpha21:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha23:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha7:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha2:::::: cpe:2.3:a:danielb:finder:6.x-1.0:rc2:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha22:::::: cpe:2.3:a:danielb:finder:6.x-1.0:rc3:::::: cpe:2.3:a:danielb:finder:6.x-1.0:unstable3:::::: cpe:2.3:a:danielb:finder:6.x-1.0:rc4:::::: cpe:2.3:a:danielb:finder:6.x-1.0:beta3:::::: cpe:2.3:a:danielb:finder:6.x-1.0:beta1:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha3:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha6:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha10:::::: cpe:2.3:a:danielb:finder:6.x-1.0:unstable1:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha20:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha28:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha18:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha9:::::: cpe:2.3:a:danielb:finder:6.x-1.0:rc1:::::: cpe:2.3:a:danielb:finder:6.x-1.0:unstable7:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha12:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha4:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha1:::::: cpe:2.3:a:danielb:finder:6.x-1.0:::::::* cpe:2.3:a:danielb:finder:6.x-1.0:alpha11:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha8:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha15:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha14:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha26:::::: cpe:2.3:a:danielb:finder:6.x-1.0:unstable0:::::: cpe:2.3:a:danielb:finder:6.x-1.0:beta2:::::: cpe:2.3:a:danielb:finder:6.x-1.0:unstable2:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha13:::::: cpe:2.3:a:danielb:finder:6.x-1.0:unstable6:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha27:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha24:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha16:::::: cpe:2.3:a:danielb:finder:6.x-1.0:unstable5:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha5:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha19:::::: cpe:2.3:a:danielb:finder:6.x-1.0:unstable4:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha25:::::: cpe:2.3:a:danielb:finder:6.x-1.0:alpha17::::::	84

Sources (Detail)

Source	Url
CONFIRM	http://drupal.org/node/1432318 http://drupal.org/node/1432320 http://drupalcode.org/project/finder.git/commit/13e2d0c http://drupalcode.org/project/finder.git/commit/58443aa http://drupalcode.org/project/finder.git/commit/758fcf9 http://drupalcode.org/project/finder.git/commit/bc0cc82
MISC	http://www.madirish.net/content/drupal-finder-6x-19-xss-and-remote-code-execu... https://drupal.org/node/1432970
MLIST	http://www.openwall.com/lists/oss-security/2012/03/16/9 http://www.openwall.com/lists/oss-security/2012/03/19/9 http://www.openwall.com/lists/oss-security/2012/04/07/1
OSVDB	http://www.osvdb.org/79015
SECUNIA	http://secunia.com/advisories/47941 http://secunia.com/advisories/47943
XF	https://exchange.xforce.ibmcloud.com/vulnerabilities/73110

Alert History

If you want to see full details history, please login or register.

Date	Informations
2021-05-04 12:22:54	Multiple Updates
2021-04-22 01:27:19	Multiple Updates
2020-05-23 00:35:33	Multiple Updates
2017-08-29 09:24:11	Multiple Updates
2016-06-28 22:14:30	Multiple Updates
2016-04-26 22:37:34	Multiple Updates
2014-04-09 13:22:51	First insertion

4.3 - CVE-2012-6645

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

CPE : Common Platform Enumeration

Sources (Detail)

Alert History

Global Informations

Open Standards

COMPANY

STANDARDS

RECENT POSTS

MENU