CVE-2009-4558

Name of the Vulnerable Software and Affected Versions Image Assist module versions 5.x-1.x before 5.x-1.8 Image Assist module versions 5.x-2.x before 2.0-alpha4 Image Assist module versions 6.x-1.x before 6.x-1.1 Image Assist module versions 6.x-2.x before 2.0-alpha4 Image Assist module versions 6.x-3.x-dev before 2009-07-15

Description The issue allows remote attackers to read the title or body of an arbitrary node via unknown vectors due to improper enforcement of privilege requirements for unspecified pages.

Recommendations For Image Assist module version 5.x-1.x, update to version 5.x-1.8 or later. For Image Assist module version 5.x-2.x, update to version 2.0-alpha4 or later. For Image Assist module version 6.x-1.x, update to version 6.x-1.1 or later. For Image Assist module version 6.x-2.x, update to version 2.0-alpha4 or later. For Image Assist module version 6.x-3.x-dev, update to a version released after 2009-07-15.