Launchpad CVE tracker

CVE 2012-4553

Drupal 7.x before 7.16 allows remote attackers to obtain sensitive information and possibly re-install Drupal and execute arbitrary PHP code via an external database server, related to "transient conditions."

Related bugs and status

CVE-2012-4553 (Candidate) is related to these bugs:

Bug #1075455: SA-CORE-2012-003 - Drupal core - Arbitrary PHP code execution and Information disclosure

Summary				In	Importance	Status
	1075455	SA-CORE-2012-003 - Drupal core - Arbitrary PHP code execution and Information disclosure		drupal7 (Ubuntu)	Undecided	Fix Released
	1075455	SA-CORE-2012-003 - Drupal core - Arbitrary PHP code execution and Information disclosure		drupal7 (Debian)	Unknown	Fix Released

Bug #1087497: Drupal7 SA-CORE-2012-003 Security Bugfix should backport to 12.04 and 12.10

Summary				In	Importance	Status
	1087497	Drupal7 SA-CORE-2012-003 Security Bugfix should backport to 12.04 and 12.10		drupal7 (Ubuntu)	Undecided	New

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2012-4553

References