cbcvebase.
CVE-2013-7369
published 2014-04-18

CVE-2013-7369: SQL injection vulnerability in an unspecified DLL in the FSDBCom ActiveX control in F-Secure Anti-Virus for Microsoft Exchange Server before HF02, Anti-Virus…

PriorityP342high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
1.26%
66.0th percentile
SQL injection vulnerability in an unspecified DLL in the FSDBCom ActiveX control in F-Secure Anti-Virus for Microsoft Exchange Server before HF02, Anti-Virus for Windows Servers 9.00 before HF09, Anti-Virus for Citrix Servers 9.00 before HF09, and F-Secure Email and Server Security and F-Secure Server Security 9.20 before HF01 allows remote attackers to execute arbitrary SQL commands via unknown vectors, related to GetCommand.

Affected

4 ranges
VendorProductVersion rangeFixed in
f-secureanti-virus
f-secureanti-virus
f-secureemail_and_server_security
f-secureserver_security
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.