Re: Drupal 7.14 <= Full Path Disclosure Vulnerability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: Drupal 7.14 <= Full Path Disclosure Vulnerability
From: pereira@xxxxxxxxx
Date: Thu, 10 May 2012 13:38:03 GMT

Please note that the hotfix should be:

if(is_array($path)) { die(); }

I already submitted an update to the mailing list.

Prev by Date: [ MDVSA-2012:068-1 ] php
Next by Date: Adobe Shockwave Player Remote Code Execution (CVE-2012-2029)
Previous by thread: Drupal 7.14 <= Full Path Disclosure Vulnerability
Next by thread: Drupal 7.14 <= Full Path Disclosure Vulnerability (Update)
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux