Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3745

Overview

Vulnerability Score 5.5 5.5
CVE Id CVE-2008-3745
Last Modified 07 Mar 2011 10:11:20
Published 27 Aug 2008 11:21:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-3745

Summary

The Upload module in Drupal 6.x before 6.4 allows remote authenticated users to edit nodes, delete files, and download unauthorized attachments via unspecified vectors.

Vulnerable Systems

Application

  • Drupal 6.0

  • Drupal 6.1

  • Drupal 6.2

  • Drupal 6.3

  • Drupal Upload Module


References

CONFIRM - http://drupal.org/node/295053

FEDORA - FEDORA-2008-7626

FEDORA - FEDORA-2008-7467

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=459108

XF - drupal-upload-security-bypass(44458)

VUPEN - ADV-2008-2392

BID - 30689

SECUNIA - 31825


Last Updated: 27 May 2016 10:48:18