CVE Vulnerabilities

CVE-2008-0569

Published: Feb 05, 2008 | Modified: Mar 08, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.4 MEDIUM
AV:N/AC:L/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Comment Upload 4.7.x before 4.7.x-0.1 and 5.x before 5.x-0.1 module for Drupal does not properly use functions in the upload module, which allows remote attackers to bypass upload validation, and upload arbitrary files and possibly execute arbitrary code, via unspecified vectors.

Affected Software

Name Vendor Start Version End Version
Comment_upload_module Drupal 4.7 (including) 4.7 (including)
Comment_upload_module Drupal 5.0 (including) 5.0 (including)

References