Lucene search

[email protected]CVE-2006-1118

HistoryMar 09, 2006 - 1:06 p.m.

CVE-2006-1118

2006-03-0913:06:00

[email protected]

web.nvd.nist.gov

sql injection

vulnerability

bmail

aardvark

gbk character sets

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

8.3 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.5%

JSON

SQL injection vulnerability in bmail before Aardvark PR9.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving GBK character sets.

Affected configurations

NVD

Node

bmailbmailMatchpr9.0

CPENameOperatorVersion
bmail:bmailbmaileqpr9.0

CPE	Name	Operator	Version
bmail:bmail	bmail	eq	pr9.0

References

secunia.com/advisories/19147

sourceforge.net/project/shownotes.php?group_id=144412&release_id=399256

www.vupen.com/english/advisories/2006/0863

exchange.xforce.ibmcloud.com/vulnerabilities/25073

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

8.3 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.5%

JSON

Related for CVE-2006-1118

cvelist1 prion1 nvd1