Lucene search
HistoryJun 06, 2006 - 12:02 a.m.
CVE-2006-2831
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.153 Low
EPSS
Percentile
95.9%
Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2, when running under certain Apache configurations such as when FileInfo overrides are disabled within .htaccess, allows remote attackers to execute arbitrary code by uploading a file with multiple extensions, a variant of CVE-2006-2743.
Affected configurations
Node
drupaldrupalMatch4.6
ORdrupaldrupalMatch4.6.0
ORdrupaldrupalMatch4.6.1
ORdrupaldrupalMatch4.6.2
ORdrupaldrupalMatch4.6.3
ORdrupaldrupalMatch4.6.4
ORdrupaldrupalMatch4.6.5
ORdrupaldrupalMatch4.6.6
ORdrupaldrupalMatch4.6.7
ORdrupaldrupalMatch4.7.0
ORdrupaldrupalMatch4.7.1
Related
ubuntucve
ubuntucve
CVE-2006-2831
2006-06-06 00:00:00
CVE-2006-2743
2006-06-01 00:00:00
cve
cve
CVE-2006-2831
2006-06-06 00:02:00
CVE-2006-2743
2006-06-01 10:02:00
prion
prion
Code injection
2006-06-06 00:02:00
Directory traversal
2006-06-01 10:02:00
cvelist
cvelist
CVE-2006-2831
2006-06-06 00:00:00
CVE-2006-2743
2006-06-01 10:00:00
openvas
openvas
Debian Security Advisory DSA 1125-1 (drupal)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1125-1)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1125)
2008-01-17 00:00:00
osv
osv
drupal - several
2006-07-27 00:00:00
debian
debian
nessus
nessus
Debian DSA-1125-2 : drupal - several vulnerabilities
2006-10-14 00:00:00
nvd
nvd
CVE-2006-2743
2006-06-01 10:02:00
freebsd
freebsd
drupal -- multiple vulnerabilities
2006-05-18 00:00:00
securityvulns
securityvulns
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.153 Low
EPSS
Percentile
95.9%
Related for NVD:CVE-2006-2831