CVE Vulnerability

CVE-2007-4650

Multiple unspecified vulnerabilities in Gallery before 2.2.3 allow attackers to (1) rename items, (2) read and modify item properties, or (3) lock and replace items via unknown vectors in (a) the WebDAV module; and (4) edit unspecified data files using "linked items" in WebDAV and (b) Reupload modules.

6.4 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 4.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

Scope

References
Link Resource
http://gallery.menalto.com/gallery_2.2.3_released Patch
https://bugzilla.redhat.com/show_bug.cgi?id=267421
http://bugs.gentoo.org/show_bug.cgi?id=191587
http://www.debian.org/security/2007/dsa-1404
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00097.html
http://security.gentoo.org/glsa/glsa-200711-03.xml
http://www.securityfocus.com/bid/25580
http://secunia.com/advisories/26716
http://secunia.com/advisories/26719
http://secunia.com/advisories/27502
http://secunia.com/advisories/27594
http://osvdb.org/41657
http://osvdb.org/41658
http://www.vupen.com/english/advisories/2007/3072
Configurations

Configuration 1

cpe:2.3:a:bharat_mediratta:gallery:*:*:*:*:*:*:*:*
Information

Published : 2007-09-04 05:17

Updated : 2011-03-08 02:58

NVD link : CVE-2007-4650

Mitre link : CVE-2007-4650

Products Affected
No products.
CWE
CWE-264

NVD-CWE-noinfo