IMCE for Drupal Delete Function Arbitrary File Deletion

ID OSVDB:29465
Type osvdb
Reporter OSVDB
Modified 2006-10-02T11:34:12


Solution Description

Upgrade to version 4.7.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.


Vendor Specific Advisory URL Secunia Advisory ID:22261 Related OSVDB ID: 29466 Keyword: DRUPAL-SA-2006-023 ISS X-Force ID: 29324 FrSIRT Advisory: ADV-2006-3892 CVE-2006-7110 Bugtraq ID: 20312