Lucene search
PRIOn knowledge basePRION:CVE-2007-0667HistoryFeb 02, 2007 - 9:28 p.m.
Design/Logic Flaw
2007-02-0221:28:00
PRIOn knowledge base
www.prio-n.com
2
7.4 High
AI Score
Confidence
Low
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.01 Low
EPSS
Percentile
83.6%
The redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and (2) SQL-Ledger allows remote authenticated users to execute arbitrary code via redirects, related to callbacks, a different issue than CVE-2006-5872.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ledgersmb | le | 1.1.1 | |
| sql-ledger | eq | 2.4.7 | |
| sql-ledger | eq | 2.6.19 | |
| sql-ledger | eq | 2.6.17 | |
| sql-ledger | eq | 2.6.25 | |
| sql-ledger | eq | 2.6.18 | |
| sql-ledger | eq | 2.6.21 |
Related
ubuntucve
ubuntucve
CVE-2007-0667
2007-02-02 00:00:00
debiancve
debiancve
CVE-2007-0667
2007-02-02 21:28:00
CVE-2006-5872
2006-12-18 00:28:00
cve
cve
CVE-2007-0667
2007-02-02 21:28:00
CVE-2006-5872
2006-12-18 00:28:00
nessus
nessus
FreeBSD : sql-ledger -- multiple vulnerabilities (0679deeb-8eaf-11db-abc9-0003476f14d3)
2006-12-30 00:00:00
Debian DSA-1239-1 : sql-ledger - several vulnerabilities
2006-12-18 00:00:00
securityvulns
securityvulns
Full Disclosure: Arbitrary Code Execution in LedgerSMB CVE-2006-5872
2007-01-28 00:00:00
Arbitrary Code Execution in SQL-Ledger and LedgerSMB through redirects
2007-01-30 00:00:00
freebsd
freebsd
sql-ledger -- multiple vulnerabilities
2006-12-17 00:00:00
openvas
openvas
FreeBSD Ports: sql-ledger
2008-09-04 00:00:00
Debian: Security Advisory (DSA-1239-1)
2008-01-17 00:00:00
FreeBSD Ports: sql-ledger
2008-09-04 00:00:00
debian
debian
[SECURITY] [DSA 1239-1] New sql-ledger packages fix arbitrary code execution
2006-12-17 15:21:18
osv
osv
sql-ledger
2006-12-17 00:00:00
7.4 High
AI Score
Confidence
Low
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.01 Low
EPSS
Percentile
83.6%
Related for PRION:CVE-2007-0667