CVE-2007-0658

Name of the Vulnerable Software and Affected Versions Textimage module for Drupal versions 4.7.x before 4.7-1.2 Textimage module for Drupal versions 5.x before 5.x-1.1 Captcha module for Drupal versions 4.7.x before 4.7-1.2 Captcha module for Drupal versions 5.x before 5.x-1.1

Description The issue allows remote attackers to bypass the CAPTCHA test. This is achieved by including an empty captcha element in the $ SESSION variable.

Recommendations For Textimage module for Drupal versions 4.7.x before 4.7-1.2, update to version 4.7-1.2 or later. For Textimage module for Drupal versions 5.x before 5.x-1.1, update to version 5.x-1.1 or later. For Captcha module for Drupal versions 4.7.x before 4.7-1.2, update to version 4.7-1.2 or later. For Captcha module for Drupal versions 5.x before 5.x-1.1, update to version 5.x-1.1 or later.