Detections
Analytics

CVE-2007-4650

critical

Description

Multiple unspecified vulnerabilities in Gallery before 2.2.3 allow attackers to (1) rename items, (2) read and modify item properties, or (3) lock and replace items via unknown vectors in (a) the WebDAV module; and (4) edit unspecified data files using "linked items" in WebDAV and (b) Reupload modules.

References

https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00097.html

https://bugzilla.redhat.com/show_bug.cgi?id=267421

http://www.vupen.com/english/advisories/2007/3072

http://www.securityfocus.com/bid/25580

http://www.debian.org/security/2007/dsa-1404

http://security.gentoo.org/glsa/glsa-200711-03.xml

http://secunia.com/advisories/27594

http://secunia.com/advisories/27502

http://secunia.com/advisories/26719

http://secunia.com/advisories/26716

http://osvdb.org/41658

http://osvdb.org/41657

http://gallery.menalto.com/gallery_2.2.3_released

http://bugs.gentoo.org/show_bug.cgi?id=191587

Details

Source: Mitre, NVD

Published: 2007-09-04

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical