Lucene search
MitreCVELIST:CVE-2008-3741HistoryAug 27, 2008 - 3:00 p.m.
CVE-2008-3741
2008-08-2715:00:00
mitre
www.cve.org
2
The private filesystem in Drupal 5.x before 5.10 and 6.x before 6.4 trusts the MIME type sent by a web browser, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks by uploading files containing arbitrary web script or HTML.
References
drupal.org/node/295053
secunia.com/advisories/31462
secunia.com/advisories/31825
www.securityfocus.com/bid/30689
www.vupen.com/english/advisories/2008/2392
bugzilla.redhat.com/show_bug.cgi?id=459108
exchange.xforce.ibmcloud.com/vulnerabilities/44446
www.redhat.com/archives/fedora-package-announce/2008-September/msg00259.html
www.redhat.com/archives/fedora-package-announce/2008-September/msg00508.html
Related
prion
prion
Cross site scripting
2008-08-27 15:21:00
ubuntucve
ubuntucve
CVE-2008-3741
2008-08-27 00:00:00
cve
cve
CVE-2008-3741
2008-08-27 15:21:00
nvd
nvd
CVE-2008-3741
2008-08-27 15:21:00
fedora
fedora
[SECURITY] Fedora 8 Update: drupal-5.10-1.fc8
2008-09-10 06:53:23
[SECURITY] Fedora 9 Update: drupal-6.4-1.fc9
2008-09-10 07:08:35
openvas
openvas
Fedora Update for drupal FEDORA-2008-7467
2009-02-17 00:00:00
Fedora Update for drupal FEDORA-2008-7467
2009-02-17 00:00:00
FreeBSD Ports: drupal5
2008-09-04 00:00:00
nessus
nessus
Fedora 9 : drupal-6.4-1.fc9 (2008-7626)
2008-09-10 00:00:00
Fedora 8 : drupal-5.10-1.fc8 (2008-7467)
2008-09-10 00:00:00
freebsd
freebsd
drupal -- multiple vulnerabilities
2008-08-13 00:00:00