Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2562

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-2562
Last Modified 05 Sep 2008 04:44:29
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2562

Summary

SQL injection vulnerability in jobedit.asp in Leigh Business Enterprises (LBE) Web Helpdesk before 4.0.0.81 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Vulnerable Systems

Application

  • Leigh Business Enterprises Web Helpdesk 1.2 1999-07-00

  • Leigh Business Enterprises Web Helpdesk 1.3 2000-07-00

  • Leigh Business Enterprises Web Helpdesk 1.4 2000-08-00

  • Leigh Business Enterprises Web Helpdesk 4.0 2001-03-00

  • Leigh Business Enterprises Web Helpdesk 4.0.0.33 2001-05-00

  • Leigh Business Enterprises Web Helpdesk 4.0.0.35 2001-06-04

  • Leigh Business Enterprises Web Helpdesk 4.0.0.38 2001-06-10

  • Leigh Business Enterprises Web Helpdesk 4.0.0.40 2001-07-21

  • Leigh Business Enterprises Web Helpdesk 4.0.0.41 2001-08-27

  • Leigh Business Enterprises Web Helpdesk 4.0.0.43 2001-09-28

  • Leigh Business Enterprises Web Helpdesk 4.0.0.50

  • Leigh Business Enterprises Web Helpdesk 4.0.0.52

  • Leigh Business Enterprises Web Helpdesk 4.0.0.53

  • Leigh Business Enterprises Web Helpdesk 4.0.0.54

  • Leigh Business Enterprises Web Helpdesk 4.0.0.59

  • Leigh Business Enterprises Web Helpdesk 4.0.0.60

  • Leigh Business Enterprises Web Helpdesk 4.0.0.61

  • Leigh Business Enterprises Web Helpdesk 4.0.0.62

  • Leigh Business Enterprises Web Helpdesk 4.0.0.63

  • Leigh Business Enterprises Web Helpdesk 4.0.0.64

  • Leigh Business Enterprises Web Helpdesk 4.0.0.65

  • Leigh Business Enterprises Web Helpdesk 4.0.0.66

  • Leigh Business Enterprises Web Helpdesk 4.0.0.67

  • Leigh Business Enterprises Web Helpdesk 4.0.0.68

  • Leigh Business Enterprises Web Helpdesk 4.0.0.69

  • Leigh Business Enterprises Web Helpdesk 4.0.0.70

  • Leigh Business Enterprises Web Helpdesk 4.0.0.71

  • Leigh Business Enterprises Web Helpdesk 4.0.0.72

  • Leigh Business Enterprises Web Helpdesk 4.0.0.73

  • Leigh Business Enterprises Web Helpdesk 4.0.0.74

  • Leigh Business Enterprises Web Helpdesk 4.0.0.75

  • Leigh Business Enterprises Web Helpdesk 4.0.0.76

  • Leigh Business Enterprises Web Helpdesk 4.0.0.77

  • Leigh Business Enterprises Web Helpdesk 4.0.0.78

  • Leigh Business Enterprises Web Helpdesk 4.0.0.79

  • Leigh Business Enterprises Web Helpdesk 4.0.0.80


References

BID - 10773

MISC - http://www.securiteam.com/windowsntfocus/5QP0M0ADGI.html

SECUNIA - 12123

XF - webhelpdesk-jobedit-sql-injection(16779)

OSVDB - 8181

CONFIRM - http://www.lbehelpdesk.com/patch/web/history.txt


Last Updated: 27 May 2016 10:39:32