CVE-2015-3233

Published: Jun 22, 2015Modified: May 6, 2026

5.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:N

Exploitability: 8.6 / Impact: 4.9

Source: NVD

Description

Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.38 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Affected (51)

Products: Drupal: Drupal

1 product

Configuration A

51 vulnerable

Vulnerable Software	Affected Versions
Drupal Drupal	Version 7.0
Drupal Drupal	Version 7.0 alpha1
Drupal Drupal	Version 7.0 alpha2
Drupal Drupal	Version 7.0 alpha3
Drupal Drupal	Version 7.0 alpha4
Drupal Drupal	Version 7.0 alpha5
Drupal Drupal	Version 7.0 alpha6
Drupal Drupal	Version 7.0 alpha7
Drupal Drupal	Version 7.0 beta1
Drupal Drupal	Version 7.0 beta2
Drupal Drupal	Version 7.0 beta3
Drupal Drupal	Version 7.0 dev
Drupal Drupal	Version 7.0 rc1
Drupal Drupal	Version 7.0 rc2
Drupal Drupal	Version 7.0 rc3
Drupal Drupal	Version 7.0 rc4
Drupal Drupal	Version 7.10
Drupal Drupal	Version 7.11
Drupal Drupal	Version 7.12
Drupal Drupal	Version 7.13
Drupal Drupal	Version 7.14
Drupal Drupal	Version 7.15
Drupal Drupal	Version 7.16
Drupal Drupal	Version 7.17
Drupal Drupal	Version 7.18
Drupal Drupal	Version 7.19
Drupal Drupal	Version 7.1
Drupal Drupal	Version 7.20
Drupal Drupal	Version 7.21
Drupal Drupal	Version 7.22
Drupal Drupal	Version 7.23
Drupal Drupal	Version 7.24
Drupal Drupal	Version 7.25
Drupal Drupal	Version 7.26
Drupal Drupal	Version 7.27
Drupal Drupal	Version 7.28
Drupal Drupal	Version 7.29
Drupal Drupal	Version 7.2
Drupal Drupal	Version 7.30
Drupal Drupal	Version 7.33
Drupal Drupal	Version 7.34
Drupal Drupal	Version 7.35
Drupal Drupal	Version 7.36
Drupal Drupal	Version 7.37
Drupal Drupal	Version 7.3
Drupal Drupal	Version 7.4
Drupal Drupal	Version 7.5
Drupal Drupal	Version 7.6
Drupal Drupal	Version 7.7
Drupal Drupal	Version 7.8
Drupal Drupal	Version 7.9

References (28)

http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161261.html

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161265.html

Source: secalert@redhat.com

http://www.debian.org/security/2015/dsa-3291

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2015/07/04/4

Source: secalert@redhat.com

http://www.securityfocus.com/bid/75279

Source: secalert@redhat.com

http://www.securityfocus.com/bid/75280

Source: secalert@redhat.com

http://www.securityfocus.com/bid/75284

Source: secalert@redhat.com

https://www.drupal.org/SA-CORE-2015-002

Source: secalert@redhat.com

Vendor Advisory

https://www.drupal.org/node/2507535

Source: secalert@redhat.com

Patch

https://www.drupal.org/node/2507555

Source: secalert@redhat.com

Patch

https://www.drupal.org/node/2507561

Source: secalert@redhat.com

Patch

https://www.drupal.org/node/2507729

Source: secalert@redhat.com

PatchVendor Advisory

https://www.drupal.org/node/2507735

Source: secalert@redhat.com

https://www.drupal.org/node/2507741

Source: secalert@redhat.com

PatchVendor Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161261.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161265.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2015/dsa-3291

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2015/07/04/4

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/75279

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/75280

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/75284

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.drupal.org/SA-CORE-2015-002

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.drupal.org/node/2507535

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://www.drupal.org/node/2507555

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://www.drupal.org/node/2507561

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://www.drupal.org/node/2507729

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://www.drupal.org/node/2507735

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.drupal.org/node/2507741

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.