CVE-2013-0316

Published: Mar 27, 2013Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The Image module in Drupal 7.x before 7.20 allows remote attackers to cause a denial of service (CPU and disk space consumption) via a large number of new derivative requests.

Affected (36)

Products: Drupal: Drupal

Drupal

1 product

Drupal

Configuration A

36 vulnerable

Vulnerable Software	Affected Versions
Drupal Drupal	Version 7.0
Drupal Drupal	Version 7.0 alpha1
Drupal Drupal	Version 7.0 alpha2
Drupal Drupal	Version 7.0 alpha3
Drupal Drupal	Version 7.0 alpha4
Drupal Drupal	Version 7.0 alpha5
Drupal Drupal	Version 7.0 alpha6
Drupal Drupal	Version 7.0 alpha7
Drupal Drupal	Version 7.0 beta1
Drupal Drupal	Version 7.0 beta2
Drupal Drupal	Version 7.0 beta3
Drupal Drupal	Version 7.0 dev
Drupal Drupal	Version 7.0 rc1
Drupal Drupal	Version 7.0 rc2
Drupal Drupal	Version 7.0 rc3
Drupal Drupal	Version 7.0 rc4
Drupal Drupal	Version 7.10
Drupal Drupal	Version 7.11
Drupal Drupal	Version 7.12
Drupal Drupal	Version 7.13
Drupal Drupal	Version 7.14
Drupal Drupal	Version 7.15
Drupal Drupal	Version 7.16
Drupal Drupal	Version 7.17
Drupal Drupal	Version 7.18
Drupal Drupal	Version 7.19
Drupal Drupal	Version 7.1
Drupal Drupal	Version 7.2
Drupal Drupal	Version 7.3
Drupal Drupal	Version 7.4
Drupal Drupal	Version 7.5
Drupal Drupal	Version 7.6
Drupal Drupal	Version 7.7
Drupal Drupal	Version 7.8
Drupal Drupal	Version 7.9
Drupal Drupal	Version 7.x-dev

Related CWEs

CWE-399

References (4)

http://drupal.org/SA-CORE-2013-002

Source: secalert@redhat.com

PatchVendor Advisory

http://www.openwall.com/lists/oss-security/2013/02/21/5

Source: secalert@redhat.com

http://drupal.org/SA-CORE-2013-002

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.openwall.com/lists/oss-security/2013/02/21/5

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.