HNS MAIN FEED
Saturday, 03:23 EST
- Zero-day vulnerabilities in Firefox extensions discovered
- Three charged with Comcast.net hijacking
- Cloud computing security benefits, risks and recommendations
- Poisoned Google search results
- World’s first wireless USB external hard drive
- A look at Securitybyte & OWASP AppSec Asia Conference 2009
- Biggest threats to federal systems and critical infrastructure
- Are 64-bit Windows inherently safer?
- NSA on cyber attacks and Microsoft collaboration
- New books: ModSecurity, Snow Leopard, social Web applications
- Vulnerability in IBM SolidDB memory caching software
- Two arrested for Zbot Trojan
Drupal Userpoints Module "userpoint" Information Disclosure
06 November 2009
Userpoints is a module for the Drupal content manager. The application is exposed to an information disclosure issue because it fails to restrict access to certain portions of the affected application. Specifically, users with "View own userpoints" permissions are allowed to access any userpoint data of any other user.Userpoints versions earlier than 6.x-1.1 are affected by this issue.
Ref: http://drupal.org/node/610818
09.44.95 - CVE: Not Available
Platform: Web Application
Ref: http://drupal.org/node/610818
09.44.95 - CVE: Not Available
Platform: Web Application