Vulnerabilities > CVE-2003-0771 - Local Security vulnerability in Apache Gallery

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

apache-gallery

NVD

Published: 2003-09-22

Updated: 2016-10-18

Summary

Gallery.pm in Apache::Gallery (aka A::G) uses predictable temporary filenames when running Inline::C, which allows local users to execute arbitrary code by creating and modifying the files before Apache::Gallery does.

Vulnerable Configurations

Part	Description	Count
Application	Apache_Gallery Apache Gallery Apache Gallery 0.4 Apache Gallery Apache Gallery 0.4.1 Apache Gallery Apache Gallery 0.5 Apache Gallery Apache Gallery 0.5.1 Apache Gallery Apache Gallery 0.6	5

References

http://marc.info/?l=bugtraq&m=106304236914921&w=2