CVE Vulnerabilities

CVE-2006-2743

Published: Jun 01, 2006 | Modified: Oct 18, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.1 MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Drupal 4.6.x before 4.6.7 and 4.7.0, when running on Apache with mod_mime, does not properly handle files with multiple extensions, which allows remote attackers to upload, modify, or execute arbitrary files in the files directory.

Affected Software

Name Vendor Start Version End Version
Drupal Drupal 4.6.0 4.6.0
Drupal Drupal 4.6 4.6
Drupal Drupal 4.6.5 4.6.5
Drupal Drupal 4.6.2 4.6.2
Drupal Drupal 4.6.3 4.6.3
Drupal Drupal 4.6.4 4.6.4
Drupal Drupal 4.7.0 4.7.0
Drupal Drupal 4.6.1 4.6.1
Drupal Drupal 4.6.6 4.6.6

References