CVE-2006-0587 : Unspecified vulnerability in util.php in Gallery before 1.5.2-pl2 allows remote authenticated users with trick an owner

Unspecified vulnerability in util.php in Gallery before 1.5.2-pl2 allows remote authenticated users with trick an owner into modifying stored album data and possibly executing arbitrary code via unspecified vectors involving a crafted link to a crafted file.

Published 2006-02-08 01:02:00

Updated 2017-07-20 01:29:54

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2006-0587

Probability of exploitation activity in the next 30 days: 0.68%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 77 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2006-0587

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.5	MEDIUM	AV:N/AC:L/Au:S/C:P/I:P/A:P	8.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2006-0587

Products affected by CVE-2006-0587

Gallery Project » Gallery » Version: 1.3.4
cpe:2.3:a:gallery_project:gallery:1.3.4:*:*:*:*:*:*:*
Matching versions
Gallery Project » Gallery » Version: 1.4 Pl1
cpe:2.3:a:gallery_project:gallery:1.4_pl1:*:*:*:*:*:*:*
Matching versions
Gallery Project » Gallery » Version: 1.4
cpe:2.3:a:gallery_project:gallery:1.4:*:*:*:*:*:*:*
Matching versions
Gallery Project » Gallery » Version: 1.4 Pl2
cpe:2.3:a:gallery_project:gallery:1.4_pl2:*:*:*:*:*:*:*
Matching versions
Gallery Project » Gallery » Version: 1.4.1
cpe:2.3:a:gallery_project:gallery:1.4.1:*:*:*:*:*:*:*
Matching versions
Gallery Project » Gallery » Version: 1.4.2
cpe:2.3:a:gallery_project:gallery:1.4.2:*:*:*:*:*:*:*
Matching versions
Gallery Project » Gallery » Version: 1.4.3 Pl1
cpe:2.3:a:gallery_project:gallery:1.4.3_pl1:*:*:*:*:*:*:*
Matching versions
Gallery Project » Gallery » Version: 1.4.3 Pl2
cpe:2.3:a:gallery_project:gallery:1.4.3_pl2:*:*:*:*:*:*:*
Matching versions
Gallery Project » Gallery » Version: 1.4.4 Pl2
cpe:2.3:a:gallery_project:gallery:1.4.4_pl2:*:*:*:*:*:*:*
Matching versions
Gallery Project » Gallery » Version: 1.4.4 Pl5
cpe:2.3:a:gallery_project:gallery:1.4.4_pl5:*:*:*:*:*:*:*
Matching versions
Gallery Project » Gallery » Version: 1.5
cpe:2.3:a:gallery_project:gallery:1.5:*:*:*:*:*:*:*
Matching versions
Gallery Project » Gallery » Version: 1.5.1
cpe:2.3:a:gallery_project:gallery:1.5.1:*:*:*:*:*:*:*
Matching versions
Gallery Project » Gallery » Version: 1.5.1 Rc2
cpe:2.3:a:gallery_project:gallery:1.5.1_rc2:*:*:*:*:*:*:*
Matching versions
Gallery Project » Gallery » Version: 1.4.4 Pl3
cpe:2.3:a:gallery_project:gallery:1.4.4_pl3:*:*:*:*:*:*:*
Matching versions
Gallery Project » Gallery » Version: 1.4.4 Pl4
cpe:2.3:a:gallery_project:gallery:1.4.4_pl4:*:*:*:*:*:*:*
Matching versions
Gallery Project » Gallery » Version: 1.5.2 Rc2
cpe:2.3:a:gallery_project:gallery:1.5.2_rc2:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2006-0587

Exploit prediction scoring system (EPSS) score for CVE-2006-0587

CVSS scores for CVE-2006-0587

References for CVE-2006-0587

Products affected by CVE-2006-0587