1. CVE-Search
  2. CVE-2012-2067
ID CVE-2012-2067
Summary Unspecified vulnerability in the CKeditor module 6.x-2.x before 6.x-2.3 and the CKEditor module 6.x-1.x before 6.x-1.9 and 7.x-1.x before 7.x-1.7 for Drupal, when the core PHP module is enabled, allows remote authenticated users or remote attackers to execute arbitrary PHP code via the text parameter to a text filter. NOTE: some of these details are obtained from third party information. Per http://drupal.org/node/1482528 the versions affected are "FCKeditor 6.x-2.x versions prior to 6.x-2.3, CKEditor 6.x-1.x versions prior to 6.x-1.9, and CKEditor 7.x-1.x versions prior to 7.x-1.7."
References
Vulnerable Configurations
  • cpe:2.3:a:ckeditor:fckeditor:6.x-1.1:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-1.1:beta:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-1.1:beta:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-1.1:beta2:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-1.1:beta2:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-1.2:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-1.2-1:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-1.2-1:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:beta:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:beta:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:beta2:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:beta2:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:rc1:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:rc1:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:rc2:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:rc2:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:rc3:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:rc3:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:rc5:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:rc5:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:rc6:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:rc6:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:rc7:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-1.3:rc7:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-1.4:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-1.4:rc1:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-1.4:rc1:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-1.4:rc2:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-1.4:rc2:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-1.x:dev:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-1.x:dev:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-2.0:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-2.0:alpha1:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-2.0:alpha1:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-2.0:alpha3:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-2.0:alpha3:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-2.0:alpha4:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-2.0:alpha4:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-2.0:alpha5:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-2.0:alpha5:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-2.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-2.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-2.0:beta2:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-2.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-2.0:beta3:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-2.0:beta3:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-2.0:beta4:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-2.0:beta4:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-2.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-2.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-2.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-2.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-2.1:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-2.1:rc1:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-2.1:rc1:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-2.2:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-2.2:rc1:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-2.2:rc1:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-2.3:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:fckeditor:6.x-2.x:dev:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:fckeditor:6.x-2.x:dev:*:*:*:*:*:*
  • cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*
    cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:ckeditor:6.x-1.0:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:ckeditor:6.x-1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:ckeditor:6.x-1.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:ckeditor:6.x-1.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:ckeditor:6.x-1.1:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:ckeditor:6.x-1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:ckeditor:6.x-1.2:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:ckeditor:6.x-1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:ckeditor:6.x-1.3:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:ckeditor:6.x-1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:ckeditor:6.x-1.4:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:ckeditor:6.x-1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:ckeditor:6.x-1.5:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:ckeditor:6.x-1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:ckeditor:6.x-1.6:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:ckeditor:6.x-1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:ckeditor:6.x-1.7:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:ckeditor:6.x-1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:ckeditor:6.x-1.x:dev:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:ckeditor:6.x-1.x:dev:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:ckeditor:7.x-1.0:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:ckeditor:7.x-1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:ckeditor:7.x-1.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:ckeditor:7.x-1.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:ckeditor:7.x-1.1:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:ckeditor:7.x-1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:ckeditor:7.x-1.2:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:ckeditor:7.x-1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:ckeditor:7.x-1.3:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:ckeditor:7.x-1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:ckeditor:7.x-1.4:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:ckeditor:7.x-1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:ckeditor:7.x-1.5:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:ckeditor:7.x-1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:ckeditor:7.x-1.6:*:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:ckeditor:7.x-1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ckeditor:ckeditor:7.x-1.x:dev:*:*:*:*:*:*
    cpe:2.3:a:ckeditor:ckeditor:7.x-1.x:dev:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 29-08-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
confirm
misc http://drupal.org/node/1482528
mlist [oss-security] 20120406 CVE's for Drupal Contrib 2012 001 through 057 (67 new CVE assignments)
osvdb 80080
secunia 48435
xf ckeditor-drupal-code-execution(74037)
Last major update 29-08-2017 - 01:31
Published 05-09-2012 - 00:55
Last modified 29-08-2017 - 01:31
Back to Top