漏洞信息详情
Gallery 未明跨站脚本攻击漏洞
- CNNVD编号:CNNVD-200604-169
- 危害等级: 低危
- CVE编号: CVE-2006-1696
- 漏洞类型: 跨站脚本
- 发布时间: 2006-04-11
- 威胁类型: 远程
- 更新时间: 2006-04-11
- 厂 商: gallery_project
- 漏洞来源: Aditya Mooley is c...
漏洞简介
Gallery 1.5.3之前的版本中存在跨站脚本攻击漏洞。这使得远程攻击者可以借助于未知攻击向量注入任意Web脚本或HTML。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Gallery Gallery 1.4 -pl2
Gallery gallery-1.5.3.tar.gz
http://prdownloads.sourceforge.net/gallery/gallery-1.5.3.tar.gz
Gallery Gallery 1.4 -pl1
Gallery gallery-1.5.3.tar.gz
http://prdownloads.sourceforge.net/gallery/gallery-1.5.3.tar.gz
Gallery Gallery 1.4
Gallery gallery-1.5.3.tar.gz
http://prdownloads.sourceforge.net/gallery/gallery-1.5.3.tar.gz
Gallery Gallery 1.4.1
Gallery gallery-1.5.3.tar.gz
http://prdownloads.sourceforge.net/gallery/gallery-1.5.3.tar.gz
Gallery Gallery 1.4.2
Gallery gallery-1.5.3.tar.gz
http://prdownloads.sourceforge.net/gallery/gallery-1.5.3.tar.gz
Gallery Gallery 1.4.3 -pl2
Gallery gallery-1.5.3.tar.gz
http://prdownloads.sourceforge.net/gallery/gallery-1.5.3.tar.gz
Gallery Gallery 1.4.3 -pl1
Gallery gallery-1.5.3.tar.gz
http://prdownloads.sourceforge.net/gallery/gallery-1.5.3.tar.gz
Gallery Gallery 1.4.4 -pl5
Gallery gallery-1.5.3.tar.gz
http://prdownloads.sourceforge.net/gallery/gallery-1.5.3.tar.gz
Gallery Gallery 1.4.4 -pl3
Gallery gallery-1.5.3.tar.gz
http://prdownloads.sourceforge.net/gallery/gallery-1.5.3.tar.gz
Gallery Gallery 1.4.4 -pl4
Gallery gallery-1.5.3.tar.gz
http://prdownloads.sourceforge.net/gallery/gallery-1.5.3.tar.gz
Gallery Gallery 1.4.4 -pl2
Gallery gallery-1.5.3.tar.gz
http://prdownloads.sourceforge.net/gallery/gallery-1.5.3.tar.gz
Gallery Gallery 1.5
Gallery gallery-1.5.3.tar.gz
http://prdownloads.sourceforge.net/gallery/gallery-1.5.3.tar.gz
Gallery Gallery 1.5 -pl1
Gallery gallery-1.5.3.tar.gz
http://prdownloads.sourceforge.net/gallery/gallery-1.5.3.tar.gz
Gallery Gallery 1.5.1
Gallery gallery-1.5.3.tar.gz
http://prdownloads.sourceforge.net/gallery/gallery-1.5.3.tar.gz
Gallery Gallery 1.5.1 -RC2
Gallery gallery-1.5.3.tar.gz
http://prdownloads.sourceforge.net/gallery/gallery-1.5.3.tar.gz
Gallery Gallery 1.5.2 -pl2
Gallery gallery-1.5.3.tar.gz
http://prdownloads.sourceforge.net/gallery/gallery-1.5.3.tar.gz
Gallery Gallery 1.5.2
Gallery gallery-1.5.3.tar.gz
http://prdownloads.sourceforge.net/gallery/gallery-1.5.3.tar.gz
Gallery Gallery 1.5.2 -RC2
Gallery gallery-1.5.3.tar.gz
http://prdownloads.sourceforge.net/gallery/gallery-1.5.3.tar.gz
参考网址
来源: VUPEN
名称: ADV-2006-1285
链接:http://www.frsirt.com/english/advisories/2006/1285
来源: sourceforge.net
链接:http://sourceforge.net/project/shownotes.php?release_id=408602&group_id=7130
来源: SECUNIA
名称: 19580
链接:http://secunia.com/advisories/19580
来源: XF
名称: gallery-unspecified-xss(25707)
链接:http://xforce.iss.net/xforce/xfdb/25707
来源: BID
名称: 17437
链接:http://www.securityfocus.com/bid/17437
来源: OSVDB
名称: 24466
链接:http://www.osvdb.org/24466
受影响实体
- Gallery_project Gallery:1.5.2_rc3
- Gallery_project Gallery:1.5.2_rc2
- Gallery_project Gallery:1.5.2_pl2
- Gallery_project Gallery:1.5.2_pl1
- Gallery_project Gallery:1.4.1
补丁
暂无
评论