Boletines de Vulnerabilidades

DSA-2914 drupal6 - security update

Información sobre el sistema
   
Software afectado Debian

Descripción
An information disclosure vulnerability was discovered in Drupal, afully-featured content management framework. When pages are cached foranonymous users, form state may leak between anonymous users. Sensitiveor private information recorded for one anonymous user could thus bedisclosed to other users interacting with the same form at the sametime.

More info:

http://www.debian.org/security/2014/dsa-2914

Identificadores estándar
Propiedad Valor
CVE CVE-2014-2983 and DSA-2914.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2014-04-27

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT