CVE-2007-1035

Description

Unspecified vulnerability in certain demonstration scripts in getID3 1.7.1, as used in the Mediafield and Audio modules for Drupal, allows remote attackers to read and delete arbitrary files, list arbitrary directories, and write to empty files or .mp3 files via unknown vectors.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/32542

http://www.vupen.com/english/advisories/2007/0635

http://www.securityfocus.com/bid/22587

http://osvdb.org/35161

http://drupal.org/node/119385

http://blamcast.net/articles/highly-critical-security-flaws-in-drupal-audio-module

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3