User: Password:
Subscribe / Log in / New account

gallery3: insecure URL handling

Package(s):gallery3 CVE #(s):CVE-2013-2138
Created:June 14, 2013 Updated:June 19, 2013

From the Fedora bug:

A security flaw was found in the way uploadify and flowplayer SWF files handling functionality of Gallery version 3, an open source project with the goal to develop and support leading photo sharing web application solutions, processed certain URL fragments passed to these files (certain URL fragments were not stripped properly when these files were called via direct URL request(s)). A remote attacker could use this flaw to conduct replay attacks.

Fedora FEDORA-2013-10138 gallery3 2013-06-14
Fedora FEDORA-2013-10168 gallery3 2013-06-14

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds