CVE Vulnerabilities

CVE-2008-2724

Published: Jun 16, 2008 | Modified: Aug 08, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Menalto Gallery before 2.2.5 does not enforce permissions for non-album items that have been protected by a password, which might allow remote attackers to bypass intended access restrictions.

Affected Software

Name Vendor Start Version End Version
Gallery Menalto 2.1 2.1
Gallery Menalto 2.1.1 2.1.1
Gallery Menalto 2.1.2 2.1.2
Gallery Menalto 2.2.0 2.2.0
Gallery Menalto 2.2.1 2.2.1
Gallery Menalto 2.2.2 2.2.2
Gallery Menalto 2.2.3 2.2.3
Gallery Menalto 2.2.4 2.2.4
Gallery2 Ubuntu dapper *
Gallery2 Ubuntu feisty *
Gallery2 Ubuntu gutsy *
Gallery2 Ubuntu hardy *
Gallery2 Ubuntu upstream *

References