CVE Vulnerabilities

CVE-2009-4526

Published: Dec 31, 2009 | Modified: Jan 04, 2010
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Send by e-mail sub-module in the Print (aka Printer, e-mail and PDF versions) module 5.x before 5.x-4.9 and 6.x before 6.x-1.9, a module for Drupal, does not properly enforce privilege requirements, which allows remote attackers to read page titles by requesting a Send to friend form.

Affected Software

Name Vendor Start Version End Version
Print Joao_ventura 5.x-4.0 (including) 5.x-4.0 (including)
Print Joao_ventura 5.x-4.1 (including) 5.x-4.1 (including)
Print Joao_ventura 5.x-4.2 (including) 5.x-4.2 (including)
Print Joao_ventura 5.x-4.3 (including) 5.x-4.3 (including)
Print Joao_ventura 5.x-4.4 (including) 5.x-4.4 (including)
Print Joao_ventura 5.x-4.5 (including) 5.x-4.5 (including)
Print Joao_ventura 5.x-4.6 (including) 5.x-4.6 (including)
Print Joao_ventura 5.x-4.7 (including) 5.x-4.7 (including)
Print Joao_ventura 5.x-4.8 (including) 5.x-4.8 (including)
Print Joao_ventura 5.x-4.x-dev (including) 5.x-4.x-dev (including)
Print Joao_ventura 6.x-1.0 (including) 6.x-1.0 (including)
Print Joao_ventura 6.x-1.0-rc1 (including) 6.x-1.0-rc1 (including)
Print Joao_ventura 6.x-1.0-rc2 (including) 6.x-1.0-rc2 (including)
Print Joao_ventura 6.x-1.0-rc3 (including) 6.x-1.0-rc3 (including)
Print Joao_ventura 6.x-1.0-rc4 (including) 6.x-1.0-rc4 (including)
Print Joao_ventura 6.x-1.0-rc5 (including) 6.x-1.0-rc5 (including)
Print Joao_ventura 6.x-1.0-rc8 (including) 6.x-1.0-rc8 (including)
Print Joao_ventura 6.x-1.0-rc9 (including) 6.x-1.0-rc9 (including)
Print Joao_ventura 6.x-1.1 (including) 6.x-1.1 (including)
Print Joao_ventura 6.x-1.2 (including) 6.x-1.2 (including)
Print Joao_ventura 6.x-1.3 (including) 6.x-1.3 (including)
Print Joao_ventura 6.x-1.4 (including) 6.x-1.4 (including)
Print Joao_ventura 6.x-1.5 (including) 6.x-1.5 (including)
Print Joao_ventura 6.x-1.6 (including) 6.x-1.6 (including)
Print Joao_ventura 6.x-1.7 (including) 6.x-1.7 (including)
Print Joao_ventura 6.x-1.x-dev (including) 6.x-1.x-dev (including)

References