Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Gallery Unspecified Remote Vulnerabilities

Medium

Synopsis

The remote host is vulnerable to an HTML Injection attack.

Description

The remote host is running the Gallery web-based photo album. This version of Gallery is vulnerable to an 'unspecified' flaw. While the exact details of the flaw are unknown, the vendor has released version 2.0.2 as a fix. In addition, this version of Gallery is supposedly vulnerable to an HTML injection flaw. An attacker exploiting this flaw would need to be able to convince a user to browse to a malicious URI. Successful exploitation could lead to the loss of potentially confidential data

Solution

Upgrade to version 2.0.2 or 1.5.2 or higher.