CVE-2009-3442

Description

The Meta tags (aka Nodewords) module before 6.x-1.1 for Drupal does not properly follow permissions during assignment of node meta tags, which allows remote attackers to obtain sensitive information via unspecified vectors.

Affected products

• ariel_barreiro / meta_tags5.x-1.0 – 5.x-1.0
• ariel_barreiro / meta_tags5.x-1.1 – 5.x-1.1
• ariel_barreiro / meta_tags5.x-1.2 – 5.x-1.2
• ariel_barreiro / meta_tags5.x-1.3 – 5.x-1.3
• ariel_barreiro / meta_tags5.x-1.4 – 5.x-1.4
• ariel_barreiro / meta_tags5.x-1.x-dev – 5.x-1.x-dev
• ariel_barreiro / meta_tags6.x-1.0 – 6.x-1.0

References

• MISChttp://drupal.org/node/585706
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/53452
• MISChttp://drupal.org/node/585710
• MISChttp://osvdb.org/58314
• VENDOR_ADVISORYhttp://secunia.com/advisories/36841
• MISChttp://www.securityfocus.com/bid/36506