Drupal Core System Modules Reflected File Download Vulnerability (CVE-2016-3168)

2016年8月5日

Email
Facebook
Twitter
Google+
Linkedin

危険度: : 緊急

概要

The System module in Drupal 6.x before 6.38 and 7.x before 7.43 might allow remote attackers to hijack the authentication of site administrators for requests that download and run files with arbitrary JSON-encoded content, aka a "reflected file download vulnerability."

トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

対応方法

Trend Micro Deep Security DPI Rule Number: 1007518