subject:"\[Full\-disclosure\] \[Security\-news\] SA\-CORE\-2012\-003 \- Drupal core \- Arbitrary PHP code execution and Information disclosure"

Re: [Full-disclosure] [Security-news] SA-CORE-2012-003 - Drupal core - Arbitrary PHP code execution and Information disclosure

2012-10-18 Thread Dex

Hi I only see this in commit logs that appears to refer to it,http://drupalcode.org/project/drupal.git/commitdiff/3c0da100087b599667af56fff6db5d44a22b5254 do you have any further commits? thx On Wednesday, October 17, 2012 at 10:58 PM, security-n...@drupal.org wrote:View online:

[Full-disclosure] [Security-news] SA-CORE-2012-003 - Drupal core - Arbitrary PHP code execution and Information disclosure

2012-10-17 Thread security-news

View online: http://drupal.org/node/1815912 * Advisory ID: DRUPAL-SA-CORE-2012-003 * Project: Drupal core [1] * Version: 7.x * Date: 2012-October-17 * Security risk: Highly critical [2] * Exploitable from: Remote * Vulnerability: Information Disclosure, Arbitrary PHP code execution