[Secure-testing-commits] r6539 - data/DTSA/advs
nion at alioth.debian.org
nion at alioth.debian.org
Fri Sep 7 20:16:13 UTC 2007
Author: nion
Date: 2007-09-07 20:16:13 +0000 (Fri, 07 Sep 2007)
New Revision: 6539
Added:
data/DTSA/advs/57.gforge.adv
Log:
gforge advisory added
Added: data/DTSA/advs/57.gforge.adv
===================================================================
--- data/DTSA/advs/57.gforge.adv (rev 0)
+++ data/DTSA/advs/57.gforge.adv 2007-09-07 20:16:13 UTC (rev 6539)
@@ -0,0 +1,20 @@
+source: gforge
+date: September 9, 2007
+author: Nico Golde
+vuln-type: sql injection
+problem-scope: remote
+debian-specifc: no
+cve: CVE-2007-3913
+vendor-advisory:
+testing-fix: 4.5.14-23lenny2
+sid-fix: 4.6.99+svn6086-1
+upgrade: apt-get upgrade
+
+The gforge collaborative development environment is prone
+to an SQL injection due to insufficient input sanitizing.
+
+CVE-2007-3913
+
+SQL injection vulnerability in Gforge before 3.1 allows
+remote attackers to execute arbitrary SQL commands via
+unspecified vectors.
More information about the Secure-testing-commits
mailing list