5

CVE-2008-2724

Menalto Gallery before 2.2.5 does not enforce permissions for non-album items that have been protected by a password, which might allow remote attackers to bypass intended access restrictions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MenaltoGallery Version2.1
MenaltoGallery Version2.1.1
MenaltoGallery Version2.1.2
MenaltoGallery Version2.2.0
MenaltoGallery Version2.2.1
MenaltoGallery Version2.2.2
MenaltoGallery Version2.2.3
MenaltoGallery Version2.2.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.56% 0.719
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://gallery.menalto.com/gallery_2.2.5_released
http://secunia.com/advisories/30650
Vendor Advisory
http://secunia.com/advisories/30826
http://www.securityfocus.com/bid/29681
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00766.html
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00836.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/43031