Release DateNov 03, 2011 |
Severitymedium |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt to exploit a SQL Injection vulnerability in InTouch.The vulnerability is a result of the application's failure to properly sanitize user input before using it in a SQL query. It may allow a remote attacker to send a crafted query that will execute SQL commands on a vulnerable server. |
Affected ProductsinTouch 0.5.1 Alpha and earlier versions. |
Recommended ActionsUpgrade to the latest version available from the website.http://intouch.sourceforge.net/#resources |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2006-0088 |
Reference/shttp://www.securityfocus.com/bid/16110 (BugTraq) |
