CVE-2007-4650

Multiple unspecified vulnerabilities in Gallery before 2.2.3 allow attackers to (1) rename items, (2) read and modify item properties, or (3) lock and replace items via unknown vectors in (a) the WebDAV module; and (4) edit unspecified data files using "linked items" in WebDAV and (b) Reupload modules.

Published: Sep 4, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-4650
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
bharat_mediratta / gallery	-	2.2.2.x

http://bugs.gentoo.org/show_bug.cgi?id=191587
http://gallery.menalto.com/gallery_2.2.3_released
http://osvdb.org/41657
http://osvdb.org/41658
http://secunia.com/advisories/26716
http://secunia.com/advisories/26719
http://secunia.com/advisories/27502
http://secunia.com/advisories/27594
http://security.gentoo.org/glsa/glsa-200711-03.xml
http://www.debian.org/security/2007/dsa-1404
http://www.securityfocus.com/bid/25580
http://www.vupen.com/english/advisories/2007/3072
https://bugzilla.redhat.com/show_bug.cgi?id=267421
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00097.html

Vulnerability Database

289,697

CVE-2007-4650