Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
DoS and code execution issue in LedgerSMB < 1.1.5 and SQL-Ledger < 2.6.25
Mar 05 2007 07:43PM
Chris Travers (chris metatrontech com)
A person on the LedgerSMB core team has found a serious arbitrary code
execution issue in LedgerSMB prior to 1.1.5 and SQL-Ledger. A version
of SQL-Ledger which fixes this vulnerability was released today (version
The vulnerability allows a user to specify a custom function to run...
[ more ]
Copyright 2010, SecurityFocus