Vulnerability Details : CVE-2007-4650
Multiple unspecified vulnerabilities in Gallery before 2.2.3 allow attackers to (1) rename items, (2) read and modify item properties, or (3) lock and replace items via unknown vectors in (a) the WebDAV module; and (4) edit unspecified data files using "linked items" in WebDAV and (b) Reupload modules.
Exploit prediction scoring system (EPSS) score for CVE-2007-4650
Probability of exploitation activity in the next 30 days: 1.12%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 83 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2007-4650
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
6.4
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:P/A:N |
10.0
|
4.9
|
NIST |
CWE ids for CVE-2007-4650
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2007-4650
-
http://www.debian.org/security/2007/dsa-1404
-
http://security.gentoo.org/glsa/glsa-200711-03.xml
-
https://bugzilla.redhat.com/show_bug.cgi?id=267421
-
http://gallery.menalto.com/gallery_2.2.3_released
Patch
-
http://www.securityfocus.com/bid/25580
-
http://www.vupen.com/english/advisories/2007/3072
-
http://bugs.gentoo.org/show_bug.cgi?id=191587
-
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00097.html
Products affected by CVE-2007-4650
- cpe:2.3:a:bharat_mediratta:gallery:*:*:*:*:*:*:*:*