Release DateAug 20, 2009 |
Severitymedium |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt against a SQL injection vulnerability in Adobe RoboHelp Server.The vulnerability is caused by an error when the vulnerable software handles a specially crafted HTTP request. It allows a remote attacker to execute arbitrary SQL statements. |
Affected ProductsAdobe RoboHelp Server 7Adobe RoboHelp Server 6 |
Recommended ActionsApply patch, available from the web site:http://www.adobe.com/support/security/bulletins/downloads/apsb08-16.zip |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2008-2991 |
Reference/shttp://www.securityfocus.com/bid/30137 (BugTraq)http://www.frsirt.com/english/advisories/2008/2026 (FrSIRT) |
