Vigil@nce - Drupal Image Resize Filter: denial of service
February 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can query numerous operations to Drupal Image Resize
Filter, in order to trigger a denial of service.
Impacted products: Drupal Modules
Severity: 1/4
Creation date: 13/02/2014
DESCRIPTION OF THE VULNERABILITY
The Image Resize Filter module can be installed on Drupal.
However, it does not limit the number of resizing requests.
An attacker can therefore query numerous operations to Drupal
Image Resize Filter, in order to trigger a denial of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Drupal-Image-Resize-Filter-denial-of-service-14248