PEAR::MDB2 BLOB Field Information Disclosure Vulnerability

PEAR::MDB2 is prone to an information-disclosure vulnerability because the library fails to securely handle URIs in BLOB and CLOB database fields.

Successfully exploiting this issue allows attackers to access potentially sensitive information that may aid in further attacks. Because of the unknown nature of applications that use the affected library, other attacks may also be possible.

MDB2 2.5.0a1 is vulnerable to this issue; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus