Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0614

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2003-0614
Last Modified 29 Jan 2009 12:25:25
Published 27 Aug 2003 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2003-0614

Summary

Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the searchstring parameter.

Vulnerable Systems

Application

  • Gallery Project Gallery 1.1

  • Gallery Project Gallery 1.2

  • Gallery Project Gallery 1.2.1

  • Gallery Project Gallery 1.2.1 P1

  • Gallery Project Gallery 1.2.2

  • Gallery Project Gallery 1.2.3

  • Gallery Project Gallery 1.2.4

  • Gallery Project Gallery 1.2.5

  • Gallery Project Gallery 1.3

  • Gallery Project Gallery 1.3.1

  • Gallery Project Gallery 1.3.2

  • Gallery Project Gallery 1.3.3

  • Gallery Project Gallery 1.3.4


References

DEBIAN - DSA-355

BUGTRAQ - 20040101 Re: Gallery v1.3.3 Cross Site Scripting Vulnerabillity

BUGTRAQ - 20030727 Gallery XSS security advisory (with fix and patch instructions)

BUGTRAQ - 20030902 GLSA: gallery (200309-06)

CONFIRM - http://gallery.menalto.com/modules.php?op=modload&name=News&file=article&sid=82&mode=thread&order=0&thold=0


Last Updated: 27 May 2016 10:37:58