{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-07-10T00:00:00", "descriptions": [{"lang": "en", "value": "The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://drupal.org/node/158032"}, {"name": "25978", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25978"}, {"name": "ADV-2007-2470", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2470"}, {"name": "24862", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/24862"}, {"name": "printfriendlypages-url-security-bypass(35314)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35314"}, {"name": "37897", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/37897"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://drupal.org/node/158029"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://drupal.org/node/152804"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-3689", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://drupal.org/node/158032", "refsource": "CONFIRM", "url": "http://drupal.org/node/158032"}, {"name": "25978", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25978"}, {"name": "ADV-2007-2470", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2470"}, {"name": "24862", "refsource": "BID", "url": "http://www.securityfocus.com/bid/24862"}, {"name": "printfriendlypages-url-security-bypass(35314)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35314"}, {"name": "37897", "refsource": "OSVDB", "url": "http://osvdb.org/37897"}, {"name": "http://drupal.org/node/158029", "refsource": "CONFIRM", "url": "http://drupal.org/node/158029"}, {"name": "http://drupal.org/node/152804", "refsource": "CONFIRM", "url": "http://drupal.org/node/152804"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T14:28:51.606Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://drupal.org/node/158032"}, {"name": "25978", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25978"}, {"name": "ADV-2007-2470", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/2470"}, {"name": "24862", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/24862"}, {"name": "printfriendlypages-url-security-bypass(35314)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35314"}, {"name": "37897", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/37897"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://drupal.org/node/158029"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://drupal.org/node/152804"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-3689", "datePublished": "2007-07-11T17:00:00", "dateReserved": "2007-07-11T00:00:00", "dateUpdated": "2024-08-07T14:28:51.606Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:drupal:print_module:*:*:*:*:*:*:*:*", "matchCriteriaId": "5000E29D-E826-4C77-B141-B8F483D837AA", "versionEndIncluding": "4.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:drupal:print_module:*:*:*:*:*:*:*:*", "matchCriteriaId": "54CC380C-A5C4-4B72-B0E4-201CBD4B238E", "versionEndIncluding": "5.x-1.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments."}, {"lang": "es", "value": "El m\u00f3dulo Print anterior al 4.7-1.0 y el 5.x anterior al 5.x-1.2 para el Drupal permite a atacantes remotos leer los anuncios restringidos en el (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite y otros m\u00f3dulos de acceso sin especificar, a trav\u00e9s de argumentos URL modificados."}], "id": "CVE-2007-3689", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 7.8, "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-07-11T17:30:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://drupal.org/node/152804"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://drupal.org/node/158029"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://drupal.org/node/158032"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/37897"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/25978"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/24862"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/2470"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35314"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://drupal.org/node/152804"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://drupal.org/node/158029"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://drupal.org/node/158032"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/37897"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25978"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/24862"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2470"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35314"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}