Vulnerability Name:

CVE-2006-0587 (CCN-24538)

Assigned:2006-02-07
Published:2006-02-07
Updated:2017-07-20
Summary:Unspecified vulnerability in util.php in Gallery before 1.5.2-pl2 allows remote authenticated users to trick an owner into modifying stored album data and possibly executing arbitrary code via unspecified vectors involving a crafted link to a crafted file.
CVSS v3 Severity:5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availability (A): Low
CVSS v2 Severity:6.5 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P)
4.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): 
Access Complexity (AC): 
Authentication (Au): 
Impact Metrics:Confidentiality (C): 
Integrity (I): 
Availability (A):
5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): 
Access Complexity (AC): 
Authentication (Au):
Impact Metrics:Confidentiality (C): 
Integrity (I): 
Availability (A):
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: BUGTRAQ
Type: UNKNOWN
20060214 Digital Armaments Security Advisory 02.14.2006: Gallery web-based photo gallery remote file execution

Source: BUGTRAQ
Type: UNKNOWN
20060216 Re: Digital Armaments Security Advisory 02.14.2006: Gallery web-based photo gallery remote file execution

Source: MITRE
Type: CNA
CVE-2006-0587

Source: CCN
Type: Gallery Web site
Gallery 1.5.2-pl2 Security Release

Source: CONFIRM
Type: Patch
http://gallery.menalto.com/gallery_1_5_2_pl2_security_release

Source: CCN
Type: SA18735
Gallery "util.php" Local File Inclusion Vulnerability

Source: SECUNIA
Type: Patch, Vendor Advisory
18735

Source: CCN
Type: SECTRACK ID: 1015641
Gallery `util.php` Include File Bug Lets Remote Users Execute Code Stored on the Local System

Source: SECTRACK
Type: Patch
1015641

Source: MISC
Type: UNKNOWN
http://www.digitalarmaments.com/2006140293402395.html

Source: OSVDB
Type: Patch
22944

Source: OSVDB
Type: UNKNOWN
23256

Source: CCN
Type: OSVDB ID: 22944
Gallery Crafted File Path Manipulation Arbitrary Code Execution

Source: CCN
Type: OSVDB ID: 23256
Gallery util.php Remote File Inclusion

Source: BID
Type: Patch
16533

Source: CCN
Type: BID-16533
Gallery Data Code Execution Vulnerability

Source: XF
Type: UNKNOWN
gallery-album-data-modification(24538)

Source: XF
Type: UNKNOWN
gallery-util-file-include(24768)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:gallery_project:gallery:1.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:gallery_project:gallery:1.4:*:*:*:*:*:*:*
  • OR cpe:/a:gallery_project:gallery:1.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:gallery_project:gallery:1.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:gallery_project:gallery:1.4.3_pl1:*:*:*:*:*:*:*
  • OR cpe:/a:gallery_project:gallery:1.4.3_pl2:*:*:*:*:*:*:*
  • OR cpe:/a:gallery_project:gallery:1.4.4_pl2:*:*:*:*:*:*:*
  • OR cpe:/a:gallery_project:gallery:1.4.4_pl3:*:*:*:*:*:*:*
  • OR cpe:/a:gallery_project:gallery:1.4.4_pl4:*:*:*:*:*:*:*
  • OR cpe:/a:gallery_project:gallery:1.4.4_pl5:*:*:*:*:*:*:*
  • OR cpe:/a:gallery_project:gallery:1.4_pl1:*:*:*:*:*:*:*
  • OR cpe:/a:gallery_project:gallery:1.4_pl2:*:*:*:*:*:*:*
  • OR cpe:/a:gallery_project:gallery:1.5:*:*:*:*:*:*:*
  • OR cpe:/a:gallery_project:gallery:1.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:gallery_project:gallery:1.5.1_rc2:*:*:*:*:*:*:*
  • OR cpe:/a:gallery_project:gallery:1.5.2_rc2:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Vulnerability Name:

    CVE-2006-0587 (CCN-24768)

    Assigned:2006-02-14
    Published:2006-02-14
    Updated:2006-02-14
    Summary:Gallery could allow a remote attacker to include malicious PHP files. If a remote attacker can upload files to the server, the attacker could send a specially-crafted URL request to the util.php script to specify a malicious PHP file on the local system, which could allow the attacker to execute arbitrary code on the vulnerable system.
    CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
    Exploitability Metrics:Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
    Scope:Scope (S): Unchanged
    Impact Metrics:Confidentiality (C): Low
    Integrity (I): Low
    Availability (A): Low
    CVSS v2 Severity:6.5 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P)
    4.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P/E:U/RL:OF/RC:C)
    Exploitability Metrics:Access Vector (AV): 
    Access Complexity (AC): 
    Authentication (Au): 
    Impact Metrics:Confidentiality (C): 
    Integrity (I): 
    Availability (A):
    7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
    5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
    Exploitability Metrics:Access Vector (AV): 
    Access Complexity (AC): 
    Authentication (Au):
    Impact Metrics:Confidentiality (C): 
    Integrity (I): 
    Availability (A):
    Vulnerability Consequences:Gain Access
    References:Source: CCN
    Type: BugTraq Mailing List, Tue Feb 14 2006 - 12:38:44 CST
    Digital Armaments Security Advisory 02.14.2006: Gallery web-based photo gallery remote file execution

    Source: MITRE
    Type: CNA
    CVE-2006-0587

    Source: CCN
    Type: Gallery Web site
    Gallery - Your Photos on Your Website

    Source: CCN
    Type: SA18735
    Gallery "util.php" Local File Inclusion Vulnerability

    Source: CCN
    Type: SECTRACK ID: 1015641
    Gallery `util.php` Include File Bug Lets Remote Users Execute Code Stored on the Local System

    Source: CCN
    Type: OSVDB ID: 22944
    Gallery Crafted File Path Manipulation Arbitrary Code Execution

    Source: CCN
    Type: OSVDB ID: 23256
    Gallery util.php Remote File Inclusion

    Source: CCN
    Type: BID-16533
    Gallery Data Code Execution Vulnerability

    Source: XF
    Type: UNKNOWN
    gallery-util-file-include(24768)

    Vulnerable Configuration:Configuration CCN 1:
  • cpe:/a:gallery:gallery:1.5.2:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    gallery_project gallery 1.3.4
    gallery_project gallery 1.4
    gallery_project gallery 1.4.1
    gallery_project gallery 1.4.2
    gallery_project gallery 1.4.3_pl1
    gallery_project gallery 1.4.3_pl2
    gallery_project gallery 1.4.4_pl2
    gallery_project gallery 1.4.4_pl3
    gallery_project gallery 1.4.4_pl4
    gallery_project gallery 1.4.4_pl5
    gallery_project gallery 1.4_pl1
    gallery_project gallery 1.4_pl2
    gallery_project gallery 1.5
    gallery_project gallery 1.5.1
    gallery_project gallery 1.5.1_rc2
    gallery_project gallery 1.5.2_rc2
    gallery gallery 1.5.2