CVE-2009-2075

Description

Nodequeue 5.x before 5.x-2.7 and 6.x before 6.x-2.2, a module for Drupal, does not properly restrict access when displaying node titles, which has unknown impact and attack vectors.

Affected products

• angrydonuts / nodequeue5.x-2.0 – 5.x-2.0
• angrydonuts / nodequeue5.x-2.0 – 5.x-2.0
• angrydonuts / nodequeue5.x-2.0 – 5.x-2.0
• angrydonuts / nodequeue5.x-2.0 – 5.x-2.0
• angrydonuts / nodequeue5.x-2.0 – 5.x-2.0
• angrydonuts / nodequeue5.x-2.1 – 5.x-2.1
• angrydonuts / nodequeue5.x-2.2 – 5.x-2.2
• angrydonuts / nodequeue5.x-2.4 – 5.x-2.4
• angrydonuts / nodequeue5.x-2.5 – 5.x-2.5
• angrydonuts / nodequeue5.x-2.6 – 5.x-2.6
• angrydonuts / nodequeue5.x-2.x – 5.x-2.x
• angrydonuts / nodequeue6.x-2.0 – 6.x-2.0
• angrydonuts / nodequeue6.x-2.1 – 6.x-2.1
• angrydonuts / nodequeue6.x-2.1 – 6.x-2.1
• angrydonuts / nodequeue6.x-2.1 – 6.x-2.1
• angrydonuts / nodequeue6.x-2.1 – 6.x-2.1
• angrydonuts / nodequeue6.x-2.x – 6.x-2.x

References

• VENDOR_ADVISORYhttp://secunia.com/advisories/35424
• MISChttp://drupal.org/node/488092
• MISChttp://www.securityfocus.com/bid/35305
• MISChttp://drupal.org/node/488104
• MISChttp://drupal.org/node/488102