CVE-2006-0410 — MEDIUM (5.0)

Vulnerability Description

SQL injection vulnerability in ADOdb before 4.71, when using PostgreSQL, allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors involving binary strings.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:N/I:P/A:N

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE

Affected Products

Vendor	Product	Versions
John Lim	Adodb	4.66

References

http://secunia.com/advisories/18575PatchVendor Advisory
http://secunia.com/advisories/18732
http://secunia.com/advisories/18745
http://secunia.com/advisories/19555
http://secunia.com/advisories/19590
http://secunia.com/advisories/19591
http://secunia.com/advisories/19691
http://sourceforge.net/project/shownotes.php?release_id=387862&group_id=42718Patch
http://www.debian.org/security/2006/dsa-1029
http://www.debian.org/security/2006/dsa-1030
http://www.debian.org/security/2006/dsa-1031
http://www.gentoo.org/security/en/glsa/glsa-200602-02.xml
http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml
http://www.osvdb.org/22705
http://www.securityfocus.com/bid/16364

FAQ

What is CVE-2006-0410?

CVE-2006-0410 is a vulnerability with a CVSS score of 5.0 (MEDIUM). SQL injection vulnerability in ADOdb before 4.71, when using PostgreSQL, allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors involving binary strings.

How severe is CVE-2006-0410?

CVE-2006-0410 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-0410?

Check the references section above for vendor advisories and patch information. Affected products include: John Lim Adodb.