Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0569

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2008-0569
Last Modified 07 Mar 2011 10:04:55
Published 04 Feb 2008 09:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0569

Summary

The Comment Upload 4.7.x before 4.7.x-0.1 and 5.x before 5.x-0.1 module for Drupal does not properly use functions in the upload module, which allows remote attackers to bypass upload validation, and upload arbitrary files and possibly execute arbitrary code, via unspecified vectors.

Vulnerable Systems

Application

  • Drupal Comment Upload Module 4.7

  • Drupal Comment Upload Module 5.0


References

VUPEN - ADV-2008-0374

BID - 27544

SECUNIA - 28729

CONFIRM - http://drupal.org/node/216036

CONFIRM - http://drupal.org/node/216035

CONFIRM - http://drupal.org/node/216024


Last Updated: 27 May 2016 10:46:52