- Patch #881578 by Gábor Hojtsy, scor: solve SA-CORE-2010-002 issues.

modules/comment/comment.module

@@ -1398,7 +1398,7 @@ function comment_access($op, $comment) {
   global $user;
 
   if ($op == 'edit') {
-    return ($user->uid && $user->uid == $comment->uid && user_access('edit own comments')) || user_access('administer comments');
+    return ($user->uid && $user->uid == $comment->uid && $comment->status == COMMENT_PUBLISHED && user_access('edit own comments')) || user_access('administer comments');
   }
 }
 

modules/file/file.module

@@ -125,9 +125,16 @@ function file_file_download($uri, $field_type = 'file') {
   // Get the file record based on the URI. If not in the database just return.
   $files = file_load_multiple(array(), array('uri' => $uri));
   if (count($files)) {
-    $file = reset($files);
+    foreach ($files as $item) {
+      // Since some database servers sometimes use a case-insensitive comparison
+      // by default, double check that the filename is an exact match.
+      if ($item->uri === $uri) {
+        $file = $item;
+        break;
+      }
+    }
   }
-  else {
+  if (!isset($file)) {
     return;
   }