Ampache albums.php match Variable SQL Injection

2007-08-20T00:00:00
ID OSVDB:38276
Type osvdb
Reporter OSVDB
Modified 2007-08-20T00:00:00

Description

Solution Description

Upgrade to version 3.3.3.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Secunia Advisory ID:27253 Secunia Advisory ID:26542 Related OSVDB ID: 38277 Other Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200710-13.xml Other Advisory URL: http://www.ampache.org/announce/3_3_3_5.php ISS X-Force ID: 36121 CVE-2007-4437 Bugtraq ID: 25362