Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to execute arbitrary SQL commands via the (1) agent or (2) object id.
bugzilla.redhat.com/bugzilla/show_bug.cgi?id=830245
lists.fedoraproject.org/pipermail/package-announce/2012-November/092543.html
lists.fedoraproject.org/pipermail/package-announce/2012-November/092562.html
rhn.redhat.com/errata/RHSA-2012-1278.html
rhn.redhat.com/errata/RHSA-2012-1281.html
secunia.com/advisories/50660
www.securityfocus.com/bid/55618