CVE-2012-4553 Information

Description

Drupal 7.x before 7.16 allows remote attackers to obtain sensitive information and possibly re-install Drupal and execute arbitrary PHP code via an external database server related to \transient conditions.\

Reference

http://drupal.org/node/1815904 http://drupal.org/node/1815912 http://drupalcode.org/project/drupal.git/commit/b912710 http://www.openwall.com/lists/oss-security/2012/10/29/4 http://www.openwall.com/lists/oss-security/2012/10/30/5