Vulnerability Description
Unspecified vulnerability in Views Bulk Operations 5.x-1.x before 5.x-1.4 and 6.x-1.x before 6.x-1.7, a module for Drupal, allows remote attackers to bypass intended access restrictions and modify "nodes or classes of nodes" via unknown vectors, probably related to registered procedures (aka actions).
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Drupal | Drupal | All versions |
| Karim Ratib | Views Bulk Operations | 5.x-1.0 |
References
- http://drupal.org/node/468450PatchVendor Advisory
- http://secunia.com/advisories/35117Vendor Advisory
- http://www.securityfocus.com/bid/35051Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50659
- http://drupal.org/node/468450PatchVendor Advisory
- http://secunia.com/advisories/35117Vendor Advisory
- http://www.securityfocus.com/bid/35051Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50659
FAQ
What is CVE-2009-2237?
CVE-2009-2237 is a vulnerability with a CVSS score of 7.5 (HIGH). Unspecified vulnerability in Views Bulk Operations 5.x-1.x before 5.x-1.4 and 6.x-1.x before 6.x-1.7, a module for Drupal, allows remote attackers to bypass intended access restrictions and modify "no...
How severe is CVE-2009-2237?
CVE-2009-2237 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-2237?
Check the references section above for vendor advisories and patch information. Affected products include: Drupal Drupal, Karim Ratib Views Bulk Operations.