CVE-2007-4650

{"id": "CVE-2007-4650", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-09-04T17:17:00.000", "references": [{"url": "http://bugs.gentoo.org/show_bug.cgi?id=191587", "source": "cve@mitre.org"}, {"url": "http://gallery.menalto.com/gallery_2.2.3_released", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://osvdb.org/41657", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/41658", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/26716", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/26719", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/27502", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/27594", "source": "cve@mitre.org"}, {"url": "http://security.gentoo.org/glsa/glsa-200711-03.xml", "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2007/dsa-1404", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/25580", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/3072", "source": "cve@mitre.org"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=267421", "source": "cve@mitre.org"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00097.html", "source": "cve@mitre.org"}, {"url": "http://bugs.gentoo.org/show_bug.cgi?id=191587", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://gallery.menalto.com/gallery_2.2.3_released", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/41657", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/41658", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/26716", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/26719", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/27502", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/27594", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://security.gentoo.org/glsa/glsa-200711-03.xml", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2007/dsa-1404", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/25580", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/3072", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=267421", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00097.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}, {"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in Gallery before 2.2.3 allow attackers to (1) rename items, (2) read and modify item properties, or (3) lock and replace items via unknown vectors in (a) the WebDAV module; and (4) edit unspecified data files using \"linked items\" in WebDAV and (b) Reupload modules."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades no especificadas en Gallery anterior a 2.2.3 permite a atacantes (1) renombrar art\u00edculos, (2) leer y modificar propiedades de art\u00edculos, o (3) ver y reemplazar art\u00edculos mediante vectores no especificados en (a) el m\u00f3dulo WebDAV; y (4) editar informaci\u00f3n de ficheros no especificados utilizando \"art\u00edculos enlazados\" en WebDAV y (b) m\u00f3dulos Reupload."}], "lastModified": "2024-11-21T00:36:06.810", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:bharat_mediratta:gallery:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27BE968E-DCFA-4453-B660-E793A7FB4CC7", "versionEndIncluding": "2.2.2"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}