CVE 2009-2372
Drupal 6.x before 6.13 does not prevent users from modifying user signatures after the associated comment format has been changed to an administrator-
Related bugs and status
CVE-2009-2372 (Candidate) is related to these bugs:
Bug #395004: Drupal 6.13 released to fix moderately critical security vulnerability
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 395004 | Drupal 6.13 released to fix moderately critical security vulnerability | drupal6 (Ubuntu) | Medium | Invalid | ||
| 395004 | Drupal 6.13 released to fix moderately critical security vulnerability | drupal6 (Ubuntu Jaunty) | Medium | Invalid | ||
| 395004 | Drupal 6.13 released to fix moderately critical security vulnerability | drupal6 (Ubuntu Karmic) | Medium | Invalid | ||
Bug #431080: Fix critical security issues in drupal packages
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 431080 | Fix critical security issues in drupal packages | drupal5 (Ubuntu) | Undecided | Fix Released | ||
| 431080 | Fix critical security issues in drupal packages | drupal5 (Ubuntu Hardy) | Undecided | Fix Released | ||
| 431080 | Fix critical security issues in drupal packages | drupal5 (Ubuntu Intrepid) | Undecided | Fix Released | ||
| 431080 | Fix critical security issues in drupal packages | drupal5 (Ubuntu Jaunty) | Undecided | Fix Released | ||
| 431080 | Fix critical security issues in drupal packages | drupal5 (Ubuntu Karmic) | Undecided | Fix Released | ||
| 431080 | Fix critical security issues in drupal packages | drupal5 (Debian) | Unknown | Fix Released | ||
| 431080 | Fix critical security issues in drupal packages | drupal6 (Ubuntu) | Undecided | Fix Released | ||
| 431080 | Fix critical security issues in drupal packages | drupal6 (Ubuntu Hardy) | Undecided | Invalid | ||
| 431080 | Fix critical security issues in drupal packages | drupal6 (Ubuntu Intrepid) | Undecided | Invalid | ||
| 431080 | Fix critical security issues in drupal packages | drupal6 (Ubuntu Jaunty) | Undecided | Fix Released | ||
| 431080 | Fix critical security issues in drupal packages | drupal6 (Ubuntu Karmic) | Undecided | Fix Released | ||
| 431080 | Fix critical security issues in drupal packages | drupal6 (Debian) | Unknown | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
