Info

Disclosure

Jul 26, 2007

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS, Upgrade
Disclosure: Vendor Verified
OSVDB: Web Related

Solution

Upgrade to version 5.2 or higher, as it has been reported to fix this vulnerability. In addition, the vendor has released a patch for some older versions.

Products

Unknown or Incomplete

References

CVE ID: 2007-4063 (see also: NVD)
Bugtraq ID: 25099
Secunia Advisory ID: 26224
ISS X-Force ID: 35639
Related OSVDB ID: 37899
VUPEN Advisory: ADV-2007-2697
Keyword: DRUPAL-SA-2007-017
Vendor Specific News/Changelog Entry: http://drupal.org/files/sa-2007-017/advisory.txt

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/37898