CVE-2007-4650

Sažetak

Multiple unspecified vulnerabilities in Gallery before 2.2.3 allow attackers to (1) rename items, (2) read and modify item properties, or (3) lock and replace items via unknown vectors in (a) the WebDAV module; and (4) edit unspecified data files using "linked items" in WebDAV and (b) Reupload modules.

Reference

http://bugs.gentoo.org/show_bug.cgi?id=191587
http://gallery.menalto.com/gallery_2.2.3_released
http://osvdb.org/41657
http://osvdb.org/41658
http://secunia.com/advisories/26716
http://secunia.com/advisories/26719
http://secunia.com/advisories/27502
http://secunia.com/advisories/27594
http://security.gentoo.org/glsa/glsa-200711-03.xml
http://www.debian.org/security/2007/dsa-1404
http://www.securityfocus.com/bid/25580
http://www.vupen.com/english/advisories/2007/3072
https://bugzilla.redhat.com/show_bug.cgi?id=267421
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00097.html

CVSS

Base:	6.4
Impact:	4.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:N

Zadnje važnije ažuriranje

08-03-2011 - 02:58

Objavljeno

04-09-2007 - 17:17