oss-sec mailing list archives
CVE id request: menalto gallery
From: Hanno Böck <hanno () hboeck de>
Date: Thu, 12 Jun 2008 12:34:01 +0200
http://gallery.menalto.com/gallery_2.2.5_released cite: Gallery 2.2.5 addresses the following security vulnerabilities: * XSS through host and path component of request URL - The complete request URL is now properly sanitized (applying the same input filtering as for all other inputs). This severe vulnerability affects all modules. * Information disclosure in album-select module - Fixed exposure of album titles through the album-select module when a guest would add a new album to a hidden album. * Permission escalation through zip archive extraction - No longer creating sub-albums when adding items from a zip archive if the active user does not have the necessary permission to do so. * Information disclosure through embed.php - embed.php is no longer susceptible to spoofing the remote address and thus no longer discloses the local filesystem path of the Gallery 2 installation folder. * View permissions not enforced for password protected items - No longer offering the option to protect non-album items directly and only offering the feature for albums since full protection only applies to the items within the album. -- Hanno Böck Blog: http://www.hboeck.de/ GPG: 3DBD3B20 Jabber/Mail: hanno () hboeck de
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- CVE id request: menalto gallery Hanno Böck (Jun 12)
- Re: CVE id request: menalto gallery Steven M. Christey (Jun 16)