Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6689

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-6689
Last Modified 15 Nov 2008 02:06:09
Published 16 Jan 2008 09:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6689

Summary

Menalto Gallery before 2.2.4 does not properly check for malicious file extensions during file uploads, which allows attackers to execute arbitrary code via the (1) Core application or (2) MIME module.

Vulnerable Systems

Application

  • Menalto Gallery 2.2.3


References

CONFIRM - http://gallery.menalto.com/gallery_2.2.4_released

OSVDB - 41669

GENTOO - GLSA-200802-04

SECUNIA - 28898

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=203217


Last Updated: 27 May 2016 10:46:36