Multiple unspecified vulnerabilities in Gallery before 2.2.3 allow attackers to (1) rename items, (2) read and modify item properties, or (3) lock and replace items via unknown vectors in (a) the WebDAV module; and (4) edit unspecified data files using “linked items” in WebDAV and (b) Reupload modules.
bugs.gentoo.org/show_bug.cgi?id=191587
gallery.menalto.com/gallery_2.2.3_released
osvdb.org/41657
osvdb.org/41658
secunia.com/advisories/26716
secunia.com/advisories/26719
secunia.com/advisories/27502
secunia.com/advisories/27594
security.gentoo.org/glsa/glsa-200711-03.xml
www.debian.org/security/2007/dsa-1404
www.securityfocus.com/bid/25580
www.vupen.com/english/advisories/2007/3072
bugzilla.redhat.com/show_bug.cgi?id=267421
www.redhat.com/archives/fedora-package-announce/2007-September/msg00097.html