What is the severity of CVE-2012-6065?

CVE-2012-6065 is considered a critical vulnerability due to its ability to allow remote authenticated users to execute arbitrary PHP code.

How do I fix CVE-2012-6065?

To fix CVE-2012-6065, update the OM Maximenu module to version 6.x-1.44 or later, where the vulnerability has been addressed.

Who is affected by CVE-2012-6065?

CVE-2012-6065 affects users of the OM Maximenu module versions 6.x-1.43 and earlier who have the 'Administer OM Maximenu' permission.

What does the 'Title has PHP' option do in OM Maximenu related to CVE-2012-6065?

The 'Title has PHP' option in OM Maximenu allows the execution of PHP code within the link title, contributing to the vulnerability of CVE-2012-6065.

Is CVE-2012-6065 a part of other vulnerabilities?

CVE-2012-6065 is a distinct vulnerability and is different from CVE-2012-5553, although both affect the OM Maximenu module.

Vulnerability/
CVE-2012-6065

medium

4.6

3/12/2012

17/9/2024

CVE-2012-6065

First published: Mon Dec 03 2012(Updated: )

The OM Maximenu module 6.x-1.43 and earlier for Drupal, when the "Title has PHP" option is enabled, allows remote authenticated users with the "Administer OM Maximenu" permission to execute arbitrary PHP code via a "Link Title," a different vulnerability than CVE-2012-5553.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Daniel Honrade Om Maximenu	<=6.x-1.43
Daniel Honrade Om Maximenu	=6.x-1.0
Daniel Honrade Om Maximenu	=6.x-1.0-rc1
Daniel Honrade Om Maximenu	=6.x-1.0-rc2
Daniel Honrade Om Maximenu	=6.x-1.0-rc3
Daniel Honrade Om Maximenu	=6.x-1.0-rc4
Daniel Honrade Om Maximenu	=6.x-1.0-rc5
Daniel Honrade Om Maximenu	=6.x-1.0-rc6
Daniel Honrade Om Maximenu	=6.x-1.0-rc7
Daniel Honrade Om Maximenu	=6.x-1.1
Daniel Honrade Om Maximenu	=6.x-1.2
Daniel Honrade Om Maximenu	=6.x-1.3
Daniel Honrade Om Maximenu	=6.x-1.4
Daniel Honrade Om Maximenu	=6.x-1.5
Daniel Honrade Om Maximenu	=6.x-1.6
Daniel Honrade Om Maximenu	=6.x-1.7
Daniel Honrade Om Maximenu	=6.x-1.8
Daniel Honrade Om Maximenu	=6.x-1.9
Daniel Honrade Om Maximenu	=6.x-1.10
Daniel Honrade Om Maximenu	=6.x-1.11
Daniel Honrade Om Maximenu	=6.x-1.12
Daniel Honrade Om Maximenu	=6.x-1.13
Daniel Honrade Om Maximenu	=6.x-1.14
Daniel Honrade Om Maximenu	=6.x-1.15
Daniel Honrade Om Maximenu	=6.x-1.16
Daniel Honrade Om Maximenu	=6.x-1.17
Daniel Honrade Om Maximenu	=6.x-1.18
Daniel Honrade Om Maximenu	=6.x-1.19
Daniel Honrade Om Maximenu	=6.x-1.20
Daniel Honrade Om Maximenu	=6.x-1.21
Daniel Honrade Om Maximenu	=6.x-1.22
Daniel Honrade Om Maximenu	=6.x-1.23
Daniel Honrade Om Maximenu	=6.x-1.24
Daniel Honrade Om Maximenu	=6.x-1.25
Daniel Honrade Om Maximenu	=6.x-1.26
Daniel Honrade Om Maximenu	=6.x-1.27
Daniel Honrade Om Maximenu	=6.x-1.28
Daniel Honrade Om Maximenu	=6.x-1.29
Daniel Honrade Om Maximenu	=6.x-1.30
Daniel Honrade Om Maximenu	=6.x-1.31
Daniel Honrade Om Maximenu	=6.x-1.32
Daniel Honrade Om Maximenu	=6.x-1.33
Daniel Honrade Om Maximenu	=6.x-1.34
Daniel Honrade Om Maximenu	=6.x-1.35
Daniel Honrade Om Maximenu	=6.x-1.36
Daniel Honrade Om Maximenu	=6.x-1.37
Daniel Honrade Om Maximenu	=6.x-1.38
Daniel Honrade Om Maximenu	=6.x-1.39
Daniel Honrade Om Maximenu	=6.x-1.40
Daniel Honrade Om Maximenu	=6.x-1.41
Daniel Honrade Om Maximenu	=6.x-1.42
Daniel Honrade Om Maximenu	=6.x-1.x-dev
Drupal

Remedy

http://drupal.org/node/1834046

Remedy

http://drupal.org/node/1834048

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-6065?
CVE-2012-6065 is considered a critical vulnerability due to its ability to allow remote authenticated users to execute arbitrary PHP code.
How do I fix CVE-2012-6065?
To fix CVE-2012-6065, update the OM Maximenu module to version 6.x-1.44 or later, where the vulnerability has been addressed.
Who is affected by CVE-2012-6065?
CVE-2012-6065 affects users of the OM Maximenu module versions 6.x-1.43 and earlier who have the 'Administer OM Maximenu' permission.
What does the 'Title has PHP' option do in OM Maximenu related to CVE-2012-6065?
The 'Title has PHP' option in OM Maximenu allows the execution of PHP code within the link title, contributing to the vulnerability of CVE-2012-6065.
Is CVE-2012-6065 a part of other vulnerabilities?
CVE-2012-6065 is a distinct vulnerability and is different from CVE-2012-5553, although both affect the OM Maximenu module.

agent/remedy
agent/softwarecombine
agent/type
agent/author
agent/severity
agent/references
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/daniel honrade
canonical/daniel honrade om maximenu
version/daniel honrade om maximenu/6.x-1.43
version/daniel honrade om maximenu/6.x-1.0
version/daniel honrade om maximenu/6.x-1.0-rc1
version/daniel honrade om maximenu/6.x-1.0-rc2
version/daniel honrade om maximenu/6.x-1.0-rc3
version/daniel honrade om maximenu/6.x-1.0-rc4
version/daniel honrade om maximenu/6.x-1.0-rc5
version/daniel honrade om maximenu/6.x-1.0-rc6
version/daniel honrade om maximenu/6.x-1.0-rc7
version/daniel honrade om maximenu/6.x-1.1
version/daniel honrade om maximenu/6.x-1.2
version/daniel honrade om maximenu/6.x-1.3
version/daniel honrade om maximenu/6.x-1.4
version/daniel honrade om maximenu/6.x-1.5
version/daniel honrade om maximenu/6.x-1.6
version/daniel honrade om maximenu/6.x-1.7
version/daniel honrade om maximenu/6.x-1.8
version/daniel honrade om maximenu/6.x-1.9
version/daniel honrade om maximenu/6.x-1.10
version/daniel honrade om maximenu/6.x-1.11
version/daniel honrade om maximenu/6.x-1.12
version/daniel honrade om maximenu/6.x-1.13
version/daniel honrade om maximenu/6.x-1.14
version/daniel honrade om maximenu/6.x-1.15
version/daniel honrade om maximenu/6.x-1.16
version/daniel honrade om maximenu/6.x-1.17
version/daniel honrade om maximenu/6.x-1.18
version/daniel honrade om maximenu/6.x-1.19
version/daniel honrade om maximenu/6.x-1.20
version/daniel honrade om maximenu/6.x-1.21
version/daniel honrade om maximenu/6.x-1.22
version/daniel honrade om maximenu/6.x-1.23
version/daniel honrade om maximenu/6.x-1.24
version/daniel honrade om maximenu/6.x-1.25
version/daniel honrade om maximenu/6.x-1.26
version/daniel honrade om maximenu/6.x-1.27
version/daniel honrade om maximenu/6.x-1.28
version/daniel honrade om maximenu/6.x-1.29
version/daniel honrade om maximenu/6.x-1.30
version/daniel honrade om maximenu/6.x-1.31
version/daniel honrade om maximenu/6.x-1.32
version/daniel honrade om maximenu/6.x-1.33
version/daniel honrade om maximenu/6.x-1.34
version/daniel honrade om maximenu/6.x-1.35
version/daniel honrade om maximenu/6.x-1.36
version/daniel honrade om maximenu/6.x-1.37
version/daniel honrade om maximenu/6.x-1.38
version/daniel honrade om maximenu/6.x-1.39
version/daniel honrade om maximenu/6.x-1.40
version/daniel honrade om maximenu/6.x-1.41
version/daniel honrade om maximenu/6.x-1.42
version/daniel honrade om maximenu/6.x-1.x-dev
vendor/drupal
canonical/drupal

CVE-2012-6065

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-6065?

How do I fix CVE-2012-6065?

Who is affected by CVE-2012-6065?

What does the 'Title has PHP' option do in OM Maximenu related to CVE-2012-6065?

Is CVE-2012-6065 a part of other vulnerabilities?

Company

Resources

Contact