Candidate: CVE-2008-5296
PublicDate: 2008-12-01 15:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5296
Description:
 Gallery 1.5.x before 1.5.10 and 1.6 before 1.6-RC3, when register_globals
 is enabled, allows remote attackers to bypass authentication and gain
 administrative via unspecified cookies.  NOTE: some of these details are
 obtained from third party information.
Ubuntu-Description:
Notes:
 mdeslaur> vulnerable code introduced in 1.5.8-svn-b34
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_gallery:
upstream_gallery: released (1.5.9-1.2)
dapper_gallery: ignored (reached end-of-life)
gutsy_gallery: needed (reached end-of-life)
hardy_gallery: not-affected (1.5.7-2ubuntu1)
intrepid_gallery: needed (reached end-of-life)
jaunty_gallery: not-affected (1.5.9-1.2ubuntu1)
karmic_gallery: not-affected (1.5.9-1.2ubuntu1)
devel_gallery: not-affected (1.5.10.dfsg-1ubuntu1)