Lucene search

PRIOn knowledge basePRION:CVE-2007-1035

HistoryFeb 21, 2007 - 11:28 a.m.

Design/Logic Flaw

2007-02-2111:28:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.025 Low

EPSS

Percentile

89.8%

JSON

Unspecified vulnerability in certain demonstration scripts in getID3 1.7.1, as used in the Mediafield and Audio modules for Drupal, allows remote attackers to read and delete arbitrary files, list arbitrary directories, and write to empty files or .mp3 files via unknown vectors.

CPENameOperatorVersion
getid3eq1.7.1

CPE	Name	Operator	Version
	getid3	eq	1.7.1

References

blamcast.net/articles/highly-critical-security-flaws-in-drupal-audio-module

osvdb.org/35161

www.securityfocus.com/bid/22587

www.vupen.com/english/advisories/2007/0635

drupal.org/node/119385

exchange.xforce.ibmcloud.com/vulnerabilities/32542

7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.025 Low

EPSS

Percentile

89.8%

JSON

Related for PRION:CVE-2007-1035