Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5776

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2007-5776
Last Modified 15 Nov 2008 02:02:09
Published 01 Nov 2007 12:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5776

Summary

Directory traversal vulnerability in igallery.asp in Blue-Collar Productions i-Gallery 3.4 allows remote attackers to read arbitrary files via encoded backslash sequences in the d parameter, as demonstrated by a "%5c../../%5c" sequence.

Vulnerable Systems

Application

  • Blue-collar Productions I-gallery 3.4


References

BUGTRAQ - 20071023 i-Gallery 3.4 bug crack password!

OSVDB - 43628

BID - 26348

SREASON - 3330


Last Updated: 27 May 2016 10:46:16