Lucene search
RedhatCVELIST:CVE-2013-2138HistoryOct 10, 2013 - 12:00 a.m.
CVE-2013-2138
2013-10-1000:00:00
redhat
www.cve.org
2
gallery 3.0.8
uploadify
flowplayer
swf files
query parameters
fragments
replay attack
The (1) uploadify and (2) flowplayer SWF files in Gallery 3 before 3.0.8 do not properly remove query parameters and fragments, which allows remote attackers to have an unspecified impact via a replay attack.
References
galleryproject.org/gallery_3_0_8
sourceforge.net/apps/trac/gallery/ticket/2068
sourceforge.net/apps/trac/gallery/ticket/2070
www.openwall.com/lists/oss-security/2013/06/04/9
bugzilla.redhat.com/show_bug.cgi?id=970596
github.com/gallery/gallery3/commit/3e5bba2cd4febe8331c0158c11ea418f21c72efa
github.com/gallery/gallery3/commit/80bb0f2222dd99ed2ce59e804b833bab63cc376a
Related
openvas
openvas
Fedora Update for gallery3 FEDORA-2013-10168
2013-06-18 00:00:00
Fedora Update for gallery3 FEDORA-2013-10138
2013-06-18 00:00:00
Fedora Update for gallery3 FEDORA-2013-10168
2013-06-18 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: gallery3-3.0.8-1.fc18
2013-06-14 02:34:32
[SECURITY] Fedora 19 Update: gallery3-3.0.8-1.fc19
2013-06-13 06:43:54
[SECURITY] Fedora 17 Update: gallery3-3.0.8-1.fc17
2013-06-14 02:24:34
nessus
nessus
Gallery 3.0.x < 3.0.8 Multiple XSS
2013-06-19 00:00:00
Fedora 18 : gallery3-3.0.9-1.fc18 (2013-12424)
2013-07-16 00:00:00
Fedora 17 : gallery3-3.0.9-1.fc17 (2013-12441)
2013-07-16 00:00:00
ubuntucve
ubuntucve
CVE-2013-2138
2013-10-10 00:00:00
prion
prion
Design/Logic Flaw
2013-10-10 00:55:00
Security feature bypass
2013-10-10 00:55:00
nvd
nvd
CVE-2013-2138
2013-10-10 00:55:14
CVE-2013-2240
2013-10-10 00:55:14
cve
cve
CVE-2013-2138
2013-10-10 00:55:14
CVE-2013-2240
2013-10-10 00:55:14
cvelist
cvelist
CVE-2013-2240
2013-10-10 00:00:00
freebsd
freebsd
gallery -- multiple vulnerabilities
2013-06-28 00:00:00