FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

drupal7 -- Denial of service

Affected packages
drupal7 < 7.19

Details

VuXML ID a4d71e4c-7bf4-11e2-84cd-d43d7e0c7c02
Discovery 2013-02-20
Entry 2013-02-21

Drupal Security Team reports:

Drupal core's Image module allows for the on-demand generation of image derivatives. This capability can be abused by requesting a large number of new derivatives which can fill up the server disk space, and which can cause a very high CPU load. Either of these effects may lead to the site becoming unavailable or unresponsive.

References

CVE Name CVE-2013-0316
URL https://drupal.org/SA-CORE-2013-002