--- captcha.module	2010-07-02 21:07:37.000000000 +0200
+++ captcha.module.patched	2010-10-12 16:13:01.000000000 +0200
@@ -189,7 +189,7 @@ function captcha_process($element, $edit
   // Get the CAPTCHA session ID.
   // If there is a submitted form: try to retrieve and reuse the
   // CAPTCHA session ID from the posted data.
-  list($posted_form_id, $posted_captcha_sid) = _captcha_get_posted_captcha_info($element, $form_state);
+  list($posted_form_id, $posted_captcha_sid) = _captcha_get_posted_captcha_info($element, $form_state, $complete_form);
   if ($this_form_id == $posted_form_id && isset($posted_captcha_sid)) {
     $captcha_sid = $posted_captcha_sid;
   }
@@ -455,13 +455,18 @@ function captcha_validate_case_insensiti
  * @return an array with $posted_form_id and $post_captcha_sid (with NULL values
  *     if the values could not be found, e.g. for a fresh form).
  */
-function _captcha_get_posted_captcha_info($element, $form_state) {
+function _captcha_get_posted_captcha_info($element, $form_state, $complete_form) {
   if (isset($form_state['captcha_info'])) {
     // We already determined the posted form ID and CAPTCHA session ID
     // for this form, so we reuse this info
     $posted_form_id = $form_state['captcha_info']['form_id'];
     $posted_captcha_sid = $form_state['captcha_info']['captcha_sid'];
   }
+  else if (isset($complete_form['#post']['captcha_sid'])) {
+  	// If filefield is used with cck, form_state is rebuild. The post info can be used in this case.
+  	$posted_form_id = $complete_form['#post']['form_id'];
+    $posted_captcha_sid = $complete_form['#post']['captcha_sid'];
+  }
   else {
     // We have to determine the posted form ID and CAPTCHA session ID
     // from the post data. We have to consider some sources for the post data.