CVE-2007-3298

CVE-2007-3298

EPSS 1.1%

SQL injection vulnerability in Spey before 0.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to MessageProcessor.cc and possibly other components.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://osvdb.org/38729 http://sourceforge.net/forum/forum.php?forum_id=687624 http://sourceforge.net/project/shownotes.php?group_id=108104&release_id=502366 http://spey.cvs.sourceforge.net/spey/spey/src/MessageProcessor.cc?view=log http://www.vupen.com/english/advisories/2007/2249