Multiple McAfee Appliances Multiple SQL Injection and Remote Command Execution Vulnerabilities

McAfee Email and Web Security Appliance and Email Gateway are prone to multiple SQL-injection and remote command-execution vulnerabilities because it fails to sufficiently sanitize user-supplied input.

Exploiting these issues could allow an attacker to execute arbitrary command, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.


 

Privacy Statement
Copyright 2010, SecurityFocus