Lucene search
Ubuntu.comUB:CVE-2013-2138HistoryOct 10, 2013 - 12:00 a.m.
CVE-2013-2138
2013-10-1000:00:00
ubuntu.com
ubuntu.com
8
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.016
Percentile
87.6%
The (1) uploadify and (2) flowplayer SWF files in Gallery 3 before 3.0.8 do
not properly remove query parameters and fragments, which allows remote
attackers to have an unspecified impact via a replay attack.
Notes
| Author | Note |
|---|---|
| seth-arnold | our versions of gallery and gallery2 do not have the swf files, and other packages with uploadify don’t appear to have the same issue on first inspection |
Related
openvas
openvas
Fedora Update for gallery3 FEDORA-2013-10168
2013-06-18 00:00:00
Fedora Update for gallery3 FEDORA-2013-10138
2013-06-18 00:00:00
Fedora Update for gallery3 FEDORA-2013-10168
2013-06-18 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: gallery3-3.0.8-1.fc18
2013-06-14 02:34:32
[SECURITY] Fedora 19 Update: gallery3-3.0.8-1.fc19
2013-06-13 06:43:54
[SECURITY] Fedora 17 Update: gallery3-3.0.8-1.fc17
2013-06-14 02:24:34
cvelist
cvelist
CVE-2013-2138
2013-10-10 00:00:00
CVE-2013-2240
2013-10-10 00:00:00
nessus
nessus
Gallery 3.0.x < 3.0.8 Multiple XSS
2013-06-19 00:00:00
Fedora 18 : gallery3-3.0.9-1.fc18 (2013-12424)
2013-07-16 00:00:00
Fedora 17 : gallery3-3.0.9-1.fc17 (2013-12441)
2013-07-16 00:00:00
prion
prion
Design/Logic Flaw
2013-10-10 00:55:00
Security feature bypass
2013-10-10 00:55:00
nvd
nvd
CVE-2013-2138
2013-10-10 00:55:14
CVE-2013-2240
2013-10-10 00:55:14
cve
cve
CVE-2013-2138
2013-10-10 00:55:14
CVE-2013-2240
2013-10-10 00:55:14
freebsd
freebsd
gallery -- multiple vulnerabilities
2013-06-28 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.016
Percentile
87.6%
Related for UB:CVE-2013-2138