HNS MAIN FEED
Saturday, 04:48 EST
- Zero-day vulnerabilities in Firefox extensions discovered
- Three charged with Comcast.net hijacking
- Cloud computing security benefits, risks and recommendations
- Poisoned Google search results
- World’s first wireless USB external hard drive
- A look at Securitybyte & OWASP AppSec Asia Conference 2009
- Biggest threats to federal systems and critical infrastructure
- Are 64-bit Windows inherently safer?
- NSA on cyber attacks and Microsoft collaboration
- New books: ModSecurity, Snow Leopard, social Web applications
- Vulnerability in IBM SolidDB memory caching software
- Two arrested for Zbot Trojan
Drupal FileField Module Information Disclosure
03 November 2009
FileField is a module for the Drupal content manager. The application is exposed to an information disclosure issue because it fails to restrict access to certain resources. Specifically, the module fails to restrict access to files based on node access permissions when using Drupal core's private filesystem. FileField version 6.x-3.1 is affected by this issue.
Ref: http://drupal.org/node/611128
09.44.97 - CVE: Not Available
Platform: Web Application
Ref: http://drupal.org/node/611128
09.44.97 - CVE: Not Available
Platform: Web Application