|
|
CVE Reference: CVE-2008-3222 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-3222 |
|
|
Description: Session fixation vulnerability in Drupal 5.x before 5.9 and 6.x before 6.3, when contributed modules "terminate the current request during a login event," allows remote attackers to hijack web sessions via unknown vectors. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/43706 SAID Secunia Advisory: SA31211 Secunia Advisory: SA31079 MLIST http://www.openwall.com/lists/oss-security/2008/07/10/3 FEDORA CONFIRM http://drupal.org/node/280571 http://drupal.org/node/286417 BID 30168 30359 |
|
| Return to the previous page. |
