Coppermine Photo Gallery usermgr.php unspecified privilege escalation
| coppermine-usermgr-unspecified (26983) |  Medium Risk |
Description:
Coppermine Photo Gallery could allow a remote attacker to gain unauthorized privileges on an affected system, caused by an unspecified vulnerability in the usermgr.php script.
Consequences:
Gain Access
Remedy:
Upgrade to the latest version of Coppermine Photo Gallery (1.4.7 or later), available from Coppermine Photo Gallery Web site. See References.
References:
- Coppermine Gallery Forum: Maintenance release cpg1.4.7 - upgrade mandatory! .
- Coppermine Photo Gallery Web site: Coppermine Photo Gallery.
- CVE-2006-2976: Unspecified vulnerability in usermgr.php in Coppermine Photo Gallery before 1.4.7 has unknown impact and remote attack vectors, possibly related to authorization/authentication errors.
- SA20465: Coppermine Photo Gallery usermgr.php Unspecified Vulnerability
- VUPEN/ADV-2006-2185: Coppermine Photo Gallery usermgr.php Script Privilege Escalation Vulnerability
Platforms Affected:
- Gregory Demar Coppermine Photo Gallery 1.4.6
Reported:
Jun 06, 2006
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net