| Release Date | Aug 20, 2009 |
| Severity | Medium |
| Impact | System Compromise: Remote attackers can gain control of vulnerable systems. |
| Description | This indicates an attack attempt against a SQL injection vulnerability in Adobe RoboHelp Server.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted HTTP request. It allows a remote attacker to execute arbitrary SQL statements. |
| Affected Products | Adobe RoboHelp Server 7
Adobe RoboHelp Server 6 |
| Recommended Actions | Apply patch, available from the web site:
http://www.adobe.com/support/security/bulletins/downloads/apsb08-16.zip |
| Common Vulnerabilities and Exposures (CVE) | http://cve.mitre.org/cgi-bin/cvename.cgi?name=2008-2991
|
| Reference/s | http://www.securityfocus.com/bid/30137 (BugTraq)
http://www.vupen.com/english/advisories/2008/2026 (FrSIRT)
|