CVE-2012-1588

medium

Description

Algorithmic complexity vulnerability in the _filter_url function in the text filtering system (modules/filter/filter.module) in Drupal 7.x before 7.14 allows remote authenticated users with certain roles to cause a denial of service (CPU consumption) via a long email address.

References

http://www.securityfocus.com/bid/53368

http://www.mandriva.com/security/advisories?name=MDVSA-2013:074

http://secunia.com/advisories/49012

http://drupalcode.org/project/drupal.git/commit/db79496ae983447506f016a20738c3d7e5d059fa

http://drupal.org/node/1558468

http://drupal.org/node/1557938

http://drupal.org/drupal-7.14

Details

Source: Mitre, NVD

Published: 2012-10-01

Updated: 2013-12-13

Risk Information

CVSS v2

Base Score: 3.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:N/A:P

Severity: Low

CVSS v3

Base Score: 5.4

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Severity: Medium