Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2461

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2005-2461
Last Modified 05 Sep 2008 04:51:49
Published 31 Dec 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2461

Summary

Multiple SQL injection vulnerabilities in the calendar feature in Kayako liveResponse 2.x allow remote attackers to execute arbitrary SQL commands via the (1) year or (2) date parameter.

Vulnerable Systems

Application

  • Kayako Liveresponse 2.0


References

BID - 14425

OSVDB - 18396

MISC - http://www.gulftech.org/?node=research&article_id=00092-07302005

SECUNIA - 16286

BUGTRAQ - 20050730 Kayako liveResponse Multiple Vulnerabilities


Last Updated: 27 May 2016 10:40:32