Vulnerability Description
Photo Organizer 2.32b and earlier does not properly check the ownership of certain objects, which allows remote attackers to gain unauthorized access via vectors related to (1) camera del, (2) camera edit, (3) folder/album deletion, (4) photo.move, (5) content.indexer, (6) folder.content, and possibly other operations.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Photo Organizer | Photo Organizer | <= 2.32b |
References
- http://bugs.shaftnet.org/task/113
- http://po.shaftnet.org/po_stable_changelogPatch
- http://secunia.com/advisories/23176
- http://www.securityfocus.com/bid/21351Patch
- http://www.vupen.com/english/advisories/2006/4766
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30577
- http://bugs.shaftnet.org/task/113
- http://po.shaftnet.org/po_stable_changelogPatch
- http://secunia.com/advisories/23176
- http://www.securityfocus.com/bid/21351Patch
- http://www.vupen.com/english/advisories/2006/4766
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30577
FAQ
What is CVE-2006-6246?
CVE-2006-6246 is a vulnerability with a CVSS score of 7.5 (HIGH). Photo Organizer 2.32b and earlier does not properly check the ownership of certain objects, which allows remote attackers to gain unauthorized access via vectors related to (1) camera del, (2) camera ...
How severe is CVE-2006-6246?
CVE-2006-6246 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-6246?
Check the references section above for vendor advisories and patch information. Affected products include: Photo Organizer Photo Organizer.