1. Home
  2. CVE Database
  3. CVE-2007-1035
HIGH · 7.5

CVE-2007-1035

Unspecified vulnerability in certain demonstration scripts in getID3 1.7.1, as used in the Mediafield and Audio modules for Drupal, allows remote attackers to read and delete arbitrary files, list arb...

Vulnerability Description

Unspecified vulnerability in certain demonstration scripts in getID3 1.7.1, as used in the Mediafield and Audio modules for Drupal, allows remote attackers to read and delete arbitrary files, list arbitrary directories, and write to empty files or .mp3 files via unknown vectors.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
DrupalAudio ModuleAll versions
DrupalGetid31.7.1
DrupalMediafield ModuleAll versions

References

FAQ

What is CVE-2007-1035?

CVE-2007-1035 is a vulnerability with a CVSS score of 7.5 (HIGH). Unspecified vulnerability in certain demonstration scripts in getID3 1.7.1, as used in the Mediafield and Audio modules for Drupal, allows remote attackers to read and delete arbitrary files, list arb...

How severe is CVE-2007-1035?

CVE-2007-1035 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-1035?

Check the references section above for vendor advisories and patch information. Affected products include: Drupal Audio Module, Drupal Getid3, Drupal Mediafield Module.