Lucene search

[email protected]CVE-2006-2320

HistoryMay 12, 2006 - 12:02 a.m.

CVE-2006-2320

2006-05-1200:02:00

[email protected]

web.nvd.nist.gov

cve-2006-2320

sql injection

ideal science

ideal bb

remote attackers

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.1 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.0%

JSON

Multiple SQL injection vulnerabilities in Ideal Science Ideal BB 1.5.4a and earlier allow remote attackers to execute arbitrary SQL commands via multiple unspecified vectors related to stored procedure calls. NOTE: due to lack of details from the researcher, it is not clear whether this overlaps CVE-2004-2209.

Affected configurations

NVD

Node

ideal_scienceidealbbMatch1.5.0_beta1

ideal_scienceidealbbMatch1.5.0_beta2

ideal_scienceidealbbMatch1.5.0_beta3

ideal_scienceidealbbMatch1.5.0_beta4

ideal_scienceidealbbMatch1.5.0_rc1

ideal_scienceidealbbMatch1.5.1

ideal_scienceidealbbMatch1.5.2

ideal_scienceidealbbMatch1.5.2a

ideal_scienceidealbbMatch1.5.2b

ideal_scienceidealbbMatch1.5.2c

ideal_scienceidealbbMatch1.5.3

ideal_scienceidealbbMatch1.5.3_beta1

ideal_scienceidealbbMatch1.5.3_beta2

ideal_scienceidealbbMatch1.5.3a

ideal_scienceidealbbMatch1.5.3b

ideal_scienceidealbbMatch1.5.4a

CPENameOperatorVersion
ideal_science:idealbbideal science idealbbeq1.5.0_beta1
ideal_science:idealbbideal science idealbbeq1.5.0_beta2
ideal_science:idealbbideal science idealbbeq1.5.0_beta3
ideal_science:idealbbideal science idealbbeq1.5.0_beta4
ideal_science:idealbbideal science idealbbeq1.5.0_rc1
ideal_science:idealbbideal science idealbbeq1.5.1
ideal_science:idealbbideal science idealbbeq1.5.2
ideal_science:idealbbideal science idealbbeq1.5.2a
ideal_science:idealbbideal science idealbbeq1.5.2b
ideal_science:idealbbideal science idealbbeq1.5.2c

CPE	Name	Operator	Version
ideal_science:idealbb	ideal science idealbb	eq	1.5.0_beta1
ideal_science:idealbb	ideal science idealbb	eq	1.5.0_beta2
ideal_science:idealbb	ideal science idealbb	eq	1.5.0_beta3
ideal_science:idealbb	ideal science idealbb	eq	1.5.0_beta4
ideal_science:idealbb	ideal science idealbb	eq	1.5.0_rc1
ideal_science:idealbb	ideal science idealbb	eq	1.5.1
ideal_science:idealbb	ideal science idealbb	eq	1.5.2
ideal_science:idealbb	ideal science idealbb	eq	1.5.2a
ideal_science:idealbb	ideal science idealbb	eq	1.5.2b
ideal_science:idealbb	ideal science idealbb	eq	1.5.2c

Rows per page:

1-10 of 161

References

secunia.com/advisories/20035

securityreason.com/securityalert/871

www.idealscience.com/ibb/posts.aspx?postID=24415

www.osvdb.org/25457

www.securityfocus.com/archive/1/433248/100/0/threaded

www.securityfocus.com/bid/17920

www.vupen.com/english/advisories/2006/1729

exchange.xforce.ibmcloud.com/vulnerabilities/26354

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.1 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.0%

JSON

Related for CVE-2006-2320

cvelist2 nvd2 prion1 cve1 nessus2 openvas2