Gallery.pm in Apache::Gallery (aka A::G) uses predictable temporary filenames when running Inline::C, which allows local users to execute arbitrary code by creating and modifying the files before Apache::Gallery does.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache gallery apache gallery 0.4.1 |
||
apache gallery apache gallery 0.5 |
||
apache gallery apache gallery 0.5.1 |
||
apache gallery apache gallery 0.6 |
||
apache gallery apache gallery 0.4 |