Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5270

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-5270
Last Modified 15 Nov 2008 02:00:24
Published 08 Oct 2007 07:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5270

Summary

Unspecified vulnerability in the Boost module before 4.7.x-1.0, and 5.x before 5.x-1.0, for Drupal allows remote attackers to create or overwrite arbitrary files, and conduct cross-site scripting attacks (XSS) via unspecified vectors.

Vulnerable Systems

Application

  • Bendiken Boost Module For Drupal 4.7.-1.0

  • Bendiken Boost Module For Drupal 5.-1.0


References

CONFIRM - http://drupal.org/node/180591

XF - boost-drupal-file-overwrite(36939)

OSVDB - 45494

OSVDB - 45493


Last Updated: 27 May 2016 10:46:08