Lucene search
RedhatCVELIST:CVE-2011-4959HistorySep 17, 2012 - 5:00 p.m.
CVE-2011-4959
2012-09-1717:00:00
redhat
www.cve.org
1
sql injection
silverstripe
mysql
far east character encodings
SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6, when connected to a MySQL database using far east character encodings, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
References
doc.silverstripe.org/framework/en/trunk/changelogs/2.3.12
doc.silverstripe.org/framework/en/trunk/changelogs/2.4.6
www.openwall.com/lists/oss-security/2012/04/30/1
www.openwall.com/lists/oss-security/2012/04/30/3
github.com/silverstripe/sapphire/commit/73cca09
github.com/silverstripe/sapphire/commit/ca78784
github.com/silverstripe/silverstripe-cms/commit/b5ea2f6
Related
cve
cve
CVE-2011-4959
2012-09-17 17:55:02
prion
prion
Sql injection
2012-09-17 17:55:00
nvd
nvd
CVE-2011-4959
2012-09-17 17:55:02