CVE-2012-4343 — HIGH (7.5) — White Hats Nepal

Q: What is CVE-2012-4343?

CVE-2012-4343 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple unspecified vulnerabilities in Gallery 3 before 3.0.4 allow attackers to execute arbitrary PHP code via unknown vectors.

Q: How severe is CVE-2012-4343?

CVE-2012-4343 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2012-4343?

Check the references section above for vendor advisories and patch information. Affected products include: Menalto Gallery.

Vulnerability Description

Multiple unspecified vulnerabilities in Gallery 3 before 3.0.4 allow attackers to execute arbitrary PHP code via unknown vectors.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Menalto	Gallery	<= 3.0.3

References

http://gallery.menalto.com/gallery_3_0_4
http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082954.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082995.html
http://gallery.menalto.com/gallery_3_0_4
http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082954.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082995.html

FAQ

What is CVE-2012-4343?

CVE-2012-4343 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple unspecified vulnerabilities in Gallery 3 before 3.0.4 allow attackers to execute arbitrary PHP code via unknown vectors.

How severe is CVE-2012-4343?

CVE-2012-4343 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2012-4343?

Check the references section above for vendor advisories and patch information. Affected products include: Menalto Gallery.