FreeBSD : gallery -- multiple vulnerabilities (fc9e73b2-8685-11dd-bb64-0030843d3802)
High Nessus Plugin ID 34247
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionSecunia reports :
An error in the handing of ZIP archives with symbolic links can be exploited to disclose the contents of arbitrary files.
Input from uploaded Flash animations is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which is executed in a user's browser session in context of an affected site when the malicious data is viewed.
SolutionUpdate the affected packages.