FKIE_CVE-2013-2138

Vulnerability from fkie_nvd - Published: 2013-10-10 00:55 - Updated: 2026-04-29 01:13
Severity ?
Summary
The (1) uploadify and (2) flowplayer SWF files in Gallery 3 before 3.0.8 do not properly remove query parameters and fragments, which allows remote attackers to have an unspecified impact via a replay attack.
References
secalert@redhat.comhttp://galleryproject.org/gallery_3_0_8Vendor Advisory
secalert@redhat.comhttp://sourceforge.net/apps/trac/gallery/ticket/2068
secalert@redhat.comhttp://sourceforge.net/apps/trac/gallery/ticket/2070
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2013/06/04/9
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=970596
secalert@redhat.comhttps://github.com/gallery/gallery3/commit/3e5bba2cd4febe8331c0158c11ea418f21c72efa
secalert@redhat.comhttps://github.com/gallery/gallery3/commit/80bb0f2222dd99ed2ce59e804b833bab63cc376a
af854a3a-2127-422b-91ae-364da2661108http://galleryproject.org/gallery_3_0_8Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://sourceforge.net/apps/trac/gallery/ticket/2068
af854a3a-2127-422b-91ae-364da2661108http://sourceforge.net/apps/trac/gallery/ticket/2070
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2013/06/04/9
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=970596
af854a3a-2127-422b-91ae-364da2661108https://github.com/gallery/gallery3/commit/3e5bba2cd4febe8331c0158c11ea418f21c72efa
af854a3a-2127-422b-91ae-364da2661108https://github.com/gallery/gallery3/commit/80bb0f2222dd99ed2ce59e804b833bab63cc376a
Impacted products
Vendor Product Version
menalto gallery *
menalto gallery 3.0
menalto gallery 3.0
menalto gallery 3.0
menalto gallery 3.0
menalto gallery 3.0
menalto gallery 3.0
menalto gallery 3.0.1
menalto gallery 3.0.2
menalto gallery 3.0.3
menalto gallery 3.0.4
menalto gallery 3.0.5
menalto gallery 3.0.6
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:menalto:gallery:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "13B35910-DF63-41C5-AFCD-21111B1B6FF2",
              "versionEndIncluding": "3.0.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:menalto:gallery:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E03EC35B-64BA-4737-97F1-C1C7F87A8A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:menalto:gallery:3.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "21D57BF7-DE0B-4113-8C49-15C66F65C128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:menalto:gallery:3.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "EB61AE85-CE1B-4BE6-81F9-618600E9E7E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:menalto:gallery:3.0:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "938CB8B1-0790-4042-89E0-808640FC3CF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:menalto:gallery:3.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "646BA731-CFC1-484A-AFAA-814BC7E43055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:menalto:gallery:3.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "7E5985C2-DE40-4648-8235-67FDAAE6881B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:menalto:gallery:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "113FE735-4968-4946-9888-9809093940F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:menalto:gallery:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A36D265-ECE7-48F2-A9E3-9872B9A25472",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:menalto:gallery:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8A398D0-1ABF-4461-8867-DFB8A2FE7D6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:menalto:gallery:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F01188B-760C-497C-89F1-BBAEA0020F2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:menalto:gallery:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E2BFECE-ACD7-439B-BBE0-D4D0EE5FC6D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:menalto:gallery:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B938FFC5-EECC-4BFB-BBAB-A99AABF873E8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The (1) uploadify and (2) flowplayer SWF files in Gallery 3 before 3.0.8 do not properly remove query parameters and fragments, which allows remote attackers to have an unspecified impact via a replay attack."
    },
    {
      "lang": "es",
      "value": "Los archivos SWF (1) uploadify y (2) flowplayer en Gallery 3 anterior a 3.0.8 no eliminan apropiadamente los par\u00e1metros y fragmentos de consulta, lo que permite a atacantes remotos tener un impacto no especificado a trav\u00e9s de un ataque replay."
    }
  ],
  "id": "CVE-2013-2138",
  "lastModified": "2026-04-29T01:13:23.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-10-10T00:55:14.587",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://galleryproject.org/gallery_3_0_8"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sourceforge.net/apps/trac/gallery/ticket/2068"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sourceforge.net/apps/trac/gallery/ticket/2070"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2013/06/04/9"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=970596"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/gallery/gallery3/commit/3e5bba2cd4febe8331c0158c11ea418f21c72efa"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/gallery/gallery3/commit/80bb0f2222dd99ed2ce59e804b833bab63cc376a"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://galleryproject.org/gallery_3_0_8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/apps/trac/gallery/ticket/2068"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/apps/trac/gallery/ticket/2070"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2013/06/04/9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=970596"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/gallery/gallery3/commit/3e5bba2cd4febe8331c0158c11ea418f21c72efa"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/gallery/gallery3/commit/80bb0f2222dd99ed2ce59e804b833bab63cc376a"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.