First published: Fri Mar 20 2009(Updated: )
Unspecified vulnerability in the Send by e-mail module in the "Printer, e-mail and PDF versions" module 5.x before 5.x-4.4 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to send unlimited spam messages via unknown vectors related to the flood control API.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Drupal Print Module | =5.x | |
Drupal Print Module | =5.x-1.0 | |
Drupal Print Module | =5.x-1.1 | |
Drupal Print Module | =5.x-1.2 | |
Drupal Print Module | =5.x-1.x-dev | |
Drupal Print Module | =5.x-2.1 | |
Drupal Print Module | =5.x-2.2 | |
Drupal Print Module | =5.x-2.x-dev | |
Drupal Print Module | =5.x-3.0 | |
Drupal Print Module | =5.x-3.1 | |
Drupal Print Module | =5.x-3.2 | |
Drupal Print Module | =5.x-3.3 | |
Drupal Print Module | =5.x-3.4 | |
Drupal Print Module | =5.x-3.5 | |
Drupal Print Module | =5.x-3.6 | |
Drupal Print Module | =5.x-3.7 | |
Drupal Print Module | =5.x-4.0 | |
Drupal Print Module | =5.x-4.1 | |
Drupal Print Module | =5.x-4.2 | |
Drupal Print Module | =5.x-4.3 | |
Drupal Print Module | =5.x-4.x-dev | |
Drupal Print Module | =6.x-1.0 | |
Drupal Print Module | =6.x-1.0-rc3 | |
Drupal Print Module | =6.x-1.0-rc4 | |
Drupal Print Module | =6.x-1.0-rc5 | |
Drupal Print Module | =6.x-1.0-rc8 | |
Drupal Print Module | =6.x-1.0-rc9 | |
Drupal Print Module | =6.x-1.1 | |
Drupal Print Module | =6.x-1.2 | |
Drupal Print Module | =6.x-1.3 | |
Drupal Print Module | =6.x-1.x-dev | |
Drupal |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2009-1037 is considered a moderate severity vulnerability as it allows remote attackers to send unlimited spam messages.
To fix CVE-2009-1037, you should update the Printer, e-mail and PDF versions module to version 5.x-4.4 or 6.x-1.4 or later.
CVE-2009-1037 affects the Drupal Print module versions 5.x before 5.x-4.4 and 6.x before 6.x-1.4.
The potential impacts of CVE-2009-1037 include the ability for attackers to exploit the flood control API, allowing unsolicited bulk emailing.
Yes, a patch is available through the module updates that address the vulnerability in CVE-2009-1037.