| Name | Coppermine.Photo.Gallery.Remote.Command.Execution |
| Last Updated Date | Mar 09, 2010 |
| Release Date | Feb 04, 2008 |
| Severity | High |
| Impact | System compromise: remote code execution. |
| Description | This indicates an attempt to exploit one of several remote command execution vulnerabilities in Coppermine Photo Gallery.
The vulnerabilities are caused by an error that occurs when the vulnerable software handles a malformed request. It allows a remote attacker to execute arbitrary code by sending a crafted request. |
| Affected Products | Coppermine Photo Gallery version 1.4.4 and prior. |
| Recommended Actions | Apply the patch available from the web site:
http://downloads.sourceforge.net/coppermine/cpg1.4.15.zip |
| Common Vulnerabilities and Exposures (CVE) | http://cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0506
|
| Reference/s | http://www.securityfocus.com/bid/27512 (BugTraq)
http://www.vupen.com/english/advisories/2008/0367 (FrSIRT)
|