Lucene search
MitreCVELIST:CVE-2008-4129HistorySep 18, 2008 - 8:00 p.m.
CVE-2008-4129
2008-09-1820:00:00
mitre
www.cve.org
Gallery before 1.5.9, and 2.x before 2.2.6, does not properly handle ZIP archives containing symbolic links, which allows remote authenticated users to conduct directory traversal attacks and read arbitrary files via vectors related to the archive upload (aka zip upload) functionality.
References
gallery.menalto.com/gallery_1.5.9_released
gallery.menalto.com/gallery_2.2.6_released
secunia.com/advisories/31912
secunia.com/advisories/32662
secunia.com/advisories/33144
security.gentoo.org/glsa/glsa-200811-02.xml
www.securityfocus.com/bid/31231
exchange.xforce.ibmcloud.com/vulnerabilities/45228
www.redhat.com/archives/fedora-package-announce/2008-December/msg00794.html
www.redhat.com/archives/fedora-package-announce/2008-December/msg00832.html
Related
ubuntucve
ubuntucve
CVE-2008-4129
2008-09-18 00:00:00
nvd
nvd
CVE-2008-4129
2008-09-18 20:00:00
cve
cve
CVE-2008-4129
2008-09-18 20:00:00
prion
prion
Directory traversal
2008-09-18 20:00:00
openvas
openvas
FreeBSD Ports: gallery
2008-09-24 00:00:00
FreeBSD Ports: gallery
2008-09-24 00:00:00
Fedora Update for gallery2 FEDORA-2008-11218
2009-02-13 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: gallery2-2.3-1.fc8
2008-12-13 15:03:15
[SECURITY] Fedora 10 Update: gallery2-2.3-1.fc10
2008-12-13 15:01:20
[SECURITY] Fedora 9 Update: gallery2-2.3-1.fc9
2008-12-13 15:08:04
nessus
nessus
Fedora 10 : gallery2-2.3-1.fc10 (2008-11218)
2009-04-23 00:00:00
Fedora 9 : gallery2-2.3-1.fc9 (2008-11258)
2008-12-15 00:00:00
Fedora 8 : gallery2-2.3-1.fc8 (2008-11230)
2008-12-15 00:00:00
gentoo
gentoo
Gallery: Multiple vulnerabilities
2008-11-09 00:00:00
securityvulns
securityvulns