SQL-Ledger Redirect Function Arbitrary Code Execution Vulnerability

Bugtraq ID: 22295
Class: Boundary Condition Error
CVE: CVE-2007-0667
Remote: Yes
Local: No
Published: Dec 18 2006 12:00AM
Updated: Feb 06 2007 07:28PM
Credit: Chris Travers is credited with the discovery of this vulnerability.
Vulnerable: SQL-Ledger SQL-Ledger 2.6.21
SQL-Ledger SQL-Ledger 2.6.19
SQL-Ledger SQL-Ledger 2.6.18
SQL-Ledger SQL-Ledger 2.6.17
SQL-Ledger SQL-Ledger 2.4.7
LedgerSMB LedgerSMB 1.1
LedgerSMB LedgerSMB 1.1
LedgerSMB LedgerSMB 1.0 p1
LedgerSMB LedgerSMB 1.0
Not Vulnerable: LedgerSMB LedgerSMB 1.1.5


Privacy Statement
Copyright 2010, SecurityFocus