CVE-2012-5704 Information

Description

The Hotblocks module 6.x-1.x before 6.x-1.8 for Drupal allows remote authenticated users with the \administer hotblocks\ permission to cause a denial of service (infinite loop and time out) via a block that references itself.

Reference

http://drupal.org/node/1732828 http://drupal.org/node/1732946 http://www.madirish.net/543 http://www.openwall.com/lists/oss-security/2012/10/04/6 http://www.openwall.com/lists/oss-security/2012/10/07/1