[Bug 180300] [typo3-src] [CVE-2007-6381] SQL injection vulnerability

Fri, 04 Jan 2008 01:50:19 -0800 

Public bug reported:

References:
DSA-1439-1 (http://www.debian.org/security/2007/dsa-1439)

Quoting:
"Henning Pingel discovered that TYPO3, a web content management framework,
performs insufficient input sanitising, making it vulnerable to SQL
injection by logged-in backend users."

** Affects: typo3-src (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: typo3-src (Debian)
     Importance: Unknown
         Status: Unknown

** Visibility changed to: Public

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-6381

** Bug watch added: Debian Bug tracker #457446
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457446

** Also affects: typo3-src (Debian) via
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457446
   Importance: Unknown
       Status: Unknown

-- 
[typo3-src] [CVE-2007-6381] SQL injection vulnerability
https://bugs.launchpad.net/bugs/180300
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to