CVE-2012-0825

EPSS 0.70% · P72 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2012-0825

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Drupal 6.x before 6.23 and 7.x before 7.11 does not verify that Attribute Exchange (AX) information is signed, which allows remote attackers to modify potentially sensitive AX information without detection via a man-in-the-middle (MITM) attack.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Drupal 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Drupal是Drupal社区所维护的一套用PHP语言开发的免费、开源的内容管理系统。 Drupal 6.23之前的6.x版本和7.11之前的7.x版本中存在漏洞，该漏洞源于程序没有验证Attribute Exchange (AX)信息是否签名。远程攻击者可通过实施中间人攻击利用该漏洞修改敏感AX信息。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2012-0825

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2012-0825

请登录查看更多情报信息。

https://drupal.org/node/1425084x_refsource_CONFIRM
http://openid.net/2011/05/05/attribute-exchange-security-alert/x_refsource_MISC
http://www.debian.org/security/2013/dsa-2776vendor-advisoryx_refsource_DEBIAN
https://nvd.nist.gov/vuln/detail/CVE-2012-0825

Same Patch Batch · n/a · 2013-10-28 · 28 CVEs total

CVE-2013-5744		Feng Office ‘index.php’ 跨站脚本漏洞
CVE-2013-6285		Tyler Technologies TaxWeb 信息泄露漏洞
CVE-2013-6020		Tyler Technologies TaxWeb 信息泄露漏洞
CVE-2013-6019		Tyler Technologies TaxWeb 跨站脚本漏洞
CVE-2013-6018		Tyler Technologies TaxWeb 跨站请求伪造漏洞
CVE-2013-5430		IBM Security AppScan Enterprise Jazz Team Server组件信任管理漏洞
CVE-2013-2186		Apache Commons FileUpload 输入验证错误漏洞
CVE-2013-2102		Red Hat JBoss Portal JGroups Diagnostics Service 信息泄露漏洞
CVE-2013-1056		X.Org X Server Xephyr 本地拒绝服务漏洞
CVE-2012-4572		Red Hat JBoss JBoss EAP 身份验证安全绕过漏洞
CVE-2012-4529		Red Hat JBoss Web 会话ID信息泄露漏洞
CVE-2013-6289		TYPO3 Apache Solr for TYPO3扩展跨站脚本漏洞
CVE-2013-6288		TYPO3 Apache Solr for TYPO3扩展安全漏洞
CVE-2013-6012		Juniper Junos 未授权访问漏洞
CVE-2013-6014		Juniper Junos 信息泄露漏洞
CVE-2013-4402		GnuPG 拒绝服务漏洞
CVE-2013-4394		systemd X Keyboard Extension Processing 本地提权漏洞
CVE-2013-4393		systemd ‘journald’功能拒绝服务漏洞
CVE-2013-4392		systemd 后置链接漏洞
CVE-2013-4391		systemd ‘journald-native.c’远程整数溢出漏洞

Showing top 20 of 28 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2012-0825

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2012-0825

I. Basic Information for CVE-2012-0825

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2012-0825

III. Intelligence Information for CVE-2012-0825

Same Patch Batch · n/a · 2013-10-28 · 28 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2012-0825

Leave a comment