Vulnerability Description
The is_eow function in format.c in CVSTrac before 2.0.1 does not properly check for the "'" (quote) character, which allows remote authenticated users to execute limited SQL injection attacks and cause a denial of service (database error) via a ' character in certain messages, tickets, or Wiki entries.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cvstrac | Cvstrac | <= 2.0 |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/052058.htmlPatchVendor Advisory
- http://osvdb.org/31935
- http://secunia.com/advisories/23940
- http://securityreason.com/securityalert/2192
- http://www.cvstrac.org/cvstrac/chngview?cn=850PatchVendor Advisory
- http://www.cvstrac.org/cvstrac/tktview?tn=683PatchVendor Advisory
- http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.008.htmlVendor Advisory
- http://www.securityfocus.com/archive/1/458455/100/0/threaded
- http://www.securityfocus.com/bid/22296
- http://www.vupen.com/english/advisories/2007/0398
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/052058.htmlPatchVendor Advisory
- http://osvdb.org/31935
- http://secunia.com/advisories/23940
- http://securityreason.com/securityalert/2192
- http://www.cvstrac.org/cvstrac/chngview?cn=850PatchVendor Advisory
FAQ
What is CVE-2007-0347?
CVE-2007-0347 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The is_eow function in format.c in CVSTrac before 2.0.1 does not properly check for the "'" (quote) character, which allows remote authenticated users to execute limited SQL injection attacks and caus...
How severe is CVE-2007-0347?
CVE-2007-0347 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-0347?
Check the references section above for vendor advisories and patch information. Affected products include: Cvstrac Cvstrac.