diff options
author | Nico Golde <nion@debian.org> | 2007-09-07 20:16:13 +0000 |
---|---|---|
committer | Nico Golde <nion@debian.org> | 2007-09-07 20:16:13 +0000 |
commit | 9c5bab3900fdc3facd2e2812e81b07fc027aa500 (patch) | |
tree | 47c07b0e4016a93c9cb3a6f989205d6e921886f8 /data/DTSA/advs | |
parent | 8197a32736a8fda0f7719aa5cdcfc992f95ebad1 (diff) |
gforge advisory added
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@6539 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data/DTSA/advs')
-rw-r--r-- | data/DTSA/advs/57.gforge.adv | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/data/DTSA/advs/57.gforge.adv b/data/DTSA/advs/57.gforge.adv new file mode 100644 index 0000000000..4b111b82ee --- /dev/null +++ b/data/DTSA/advs/57.gforge.adv @@ -0,0 +1,20 @@ +source: gforge +date: September 9, 2007 +author: Nico Golde +vuln-type: sql injection +problem-scope: remote +debian-specifc: no +cve: CVE-2007-3913 +vendor-advisory: +testing-fix: 4.5.14-23lenny2 +sid-fix: 4.6.99+svn6086-1 +upgrade: apt-get upgrade + +The gforge collaborative development environment is prone +to an SQL injection due to insufficient input sanitizing. + +CVE-2007-3913 + +SQL injection vulnerability in Gforge before 3.1 allows +remote attackers to execute arbitrary SQL commands via +unspecified vectors. |