PT-2006-1648 · Gallery · Gallery
Published
2006-02-08
·
Updated
2024-02-14
·
CVE-2006-0587
CVSS v2.0
6.5
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Gallery versions prior to 1.5.2-pl2
Description
The issue allows remote authenticated users to trick an owner into modifying stored album data and possibly executing arbitrary code via unspecified vectors involving a crafted link to a crafted file.
Recommendations
For versions prior to 1.5.2-pl2, update to version 1.5.2-pl2 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Gallery