Lucene search
Ubuntu.comUB:CVE-2008-3741HistoryAug 27, 2008 - 12:00 a.m.
CVE-2008-3741
2008-08-2700:00:00
ubuntu.com
ubuntu.com
5
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
EPSS
0.001
Percentile
45.1%
The private filesystem in Drupal 5.x before 5.10 and 6.x before 6.4 trusts
the MIME type sent by a web browser, which allows remote authenticated
users to conduct cross-site scripting (XSS) attacks by uploading files
containing arbitrary web script or HTML.
Related
cvelist
cvelist
CVE-2008-3741
2008-08-27 15:00:00
prion
prion
Cross site scripting
2008-08-27 15:21:00
cve
cve
CVE-2008-3741
2008-08-27 15:21:00
nvd
nvd
CVE-2008-3741
2008-08-27 15:21:00
openvas
openvas
Fedora Update for drupal FEDORA-2008-7467
2009-02-17 00:00:00
Fedora Update for drupal FEDORA-2008-7467
2009-02-17 00:00:00
FreeBSD Ports: drupal5
2008-09-04 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: drupal-5.10-1.fc8
2008-09-10 06:53:23
[SECURITY] Fedora 9 Update: drupal-6.4-1.fc9
2008-09-10 07:08:35
nessus
nessus
Fedora 8 : drupal-5.10-1.fc8 (2008-7467)
2008-09-10 00:00:00
Fedora 9 : drupal-6.4-1.fc9 (2008-7626)
2008-09-10 00:00:00
freebsd
freebsd
drupal -- multiple vulnerabilities
2008-08-13 00:00:00
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
EPSS
0.001
Percentile
45.1%
Related for UB:CVE-2008-3741