SQL-Ledger Redirect Function Arbitrary Code Execution Vulnerability
|
Bugtraq ID:
|
22295
|
|
Class:
|
Boundary Condition Error
|
|
CVE:
|
CVE-2007-0667
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Dec 18 2006 12:00AM
|
|
Updated:
|
Feb 06 2007 07:28PM
|
|
Credit:
|
Chris Travers is credited with the discovery of this vulnerability.
|
|
Vulnerable:
|
SQL-Ledger SQL-Ledger 2.6.21
SQL-Ledger SQL-Ledger 2.6.19
SQL-Ledger SQL-Ledger 2.6.18
SQL-Ledger SQL-Ledger 2.6.17
SQL-Ledger SQL-Ledger 2.4.7
LedgerSMB LedgerSMB 1.1
LedgerSMB LedgerSMB 1.1
LedgerSMB LedgerSMB 1.0 p1
LedgerSMB LedgerSMB 1.0
|
|
|
|
Not Vulnerable:
|
LedgerSMB LedgerSMB 1.1.5
|
|
