Vulnerability Description
Multiple unspecified vulnerabilities in Gallery before 2.2.3 allow attackers to (1) rename items, (2) read and modify item properties, or (3) lock and replace items via unknown vectors in (a) the WebDAV module; and (4) edit unspecified data files using "linked items" in WebDAV and (b) Reupload modules.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bharat Mediratta | Gallery | <= 2.2.2 |
Related Weaknesses (CWE)
References
- http://bugs.gentoo.org/show_bug.cgi?id=191587
- http://gallery.menalto.com/gallery_2.2.3_releasedPatch
- http://osvdb.org/41657
- http://osvdb.org/41658
- http://secunia.com/advisories/26716
- http://secunia.com/advisories/26719
- http://secunia.com/advisories/27502
- http://secunia.com/advisories/27594
- http://security.gentoo.org/glsa/glsa-200711-03.xml
- http://www.debian.org/security/2007/dsa-1404
- http://www.securityfocus.com/bid/25580
- http://www.vupen.com/english/advisories/2007/3072
- https://bugzilla.redhat.com/show_bug.cgi?id=267421
- https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00097.
- http://bugs.gentoo.org/show_bug.cgi?id=191587
FAQ
What is CVE-2007-4650?
CVE-2007-4650 is a vulnerability with a CVSS score of 6.4 (MEDIUM). Multiple unspecified vulnerabilities in Gallery before 2.2.3 allow attackers to (1) rename items, (2) read and modify item properties, or (3) lock and replace items via unknown vectors in (a) the WebD...
How severe is CVE-2007-4650?
CVE-2007-4650 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-4650?
Check the references section above for vendor advisories and patch information. Affected products include: Bharat Mediratta Gallery.