Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5777

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2007-5777
Last Modified 15 Nov 2008 02:02:10
Published 01 Nov 2007 12:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5777

Summary

Blue-Collar Productions i-Gallery 3.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing a base64-encoded password via a direct request for igallery.mdb.

Vulnerable Systems

Application

  • Blue-collar Productions I-gallery 3.4


References

BUGTRAQ - 20071023 i-Gallery 3.4 bug crack password!

OSVDB - 43629

SREASON - 3330


Last Updated: 27 May 2016 10:46:16