CVE-2012-2704

Name of the Vulnerable Software and Affected Versions Drupal Advertisement module versions 6.x-2.x before 6.x-2.3

Description The issue allows remote attackers to obtain sensitive site configuration information. This is due to the Advertisement module not properly restricting access to debug information, which can reveal sensitive details specified by the $conf variable in settings.php.

Recommendations For versions prior to 6.x-2.3, update to version 6.x-2.3 or later to resolve the issue.